
Smashing the stack in 2010 (improved)

Hi,

In this brief post I will show you the improvements I have made to “Smashing the stack in 2010”. First of all, I have improved the bibliography in order to help readers learn and delve into the subject, as well as to give credit to other researchers for their work. Then I have rewritten the section “write an exploit” in my Windows part because of the lack of clarity in the previous version; now I hope it is suitable for a newbie. Last but not least, I have added a new part called “Real Scenario” in which we are going to analyze real exploits. In fact, to gain real and useful knowledge, it is important to be able to analyze a real attack even if it can be complex and sophisticated. In the report I have analyzed in detail CVE-2010-0249 (the Operation Aurora exploit) and CVE-2010-2883 (the Adobe CoolType SING table exploit); they are good examples of attacks through memory corruption vulnerabilities. I know that there are a lot of analyses, especially for CVE-2010-2883, but we know the paradigm “learning by doing” :) Anyway, if you want to read other good works, I suggest the following: VUPEN (a great analysis!) and jduck (on the Metasploit blog).

Smashing the stack in 2010 (improved) : download

Table of contents (of the new part):

IV Real Scenario (p. 75)
8 Attacks and memory corruption (p. 75)
9 Memory corruption in practice (p. 76)
10 Examples of real attacks (p. 77)
10.1 Theory: Heap Spraying (p. 77)
10.2 CVE-2010-0249 – Internet Explorer 6, 2010 – Graziano (p. 78)
10.3 CVE-2010-2883 – Adobe Acrobat Reader, 2010 – Graziano (p. 84)

As usual, feel free to contact me to ask questions, to give feedback, to point out an error to me or just to chat, or you can find me on IRC (irc.azzurra.org chan #hacklab or on freenode chan #corelan) :)

Happy hacking!! (again :P )

  1. September 29, 2014 at 21:32

    It is really a great and helpful piece of info. I am happy that you shared this useful info with us.
    Please keep us informed like this. Thanks for sharing.

  2. October 6, 2014 at 05:50

    Hey there! Do you know if they make any plugins to protect
    against hackers? I’m kinda paranoid about losing everything I’ve worked hard on. Any tips?

  3. October 10, 2014 at 08:39

    What I don’t realize is actually how you’re now not really a
    lot more smartly-preferred than you may be now.
    You are so intelligent. You already know
    thus considerably in terms of this topic, produced me for my part
    imagine it from a lot of varied angles. It’s like men and women aren’t fascinated unless it is one thing to do with Lady Gaga!
    Your personal stuff’s nice. Always take care of it up!
