Buffer Overflow
Contents
Links
Stack-based Buffer Overflows
- Buffer Overflows Demystified: http://www.shellcode.com.ar/docz/bof/buf-eng.htm
- Smashing the stack for fun and profit (erster Artikel): http://www.phrack.org/phrack/49/P49-14
- Smashing the stack for fun and profit (zweiter Artikel): http://www.phrack.org/phrack/60/p60-0x06.txt
Heap-based Buffer Overflows
Shellcode
- ia64 shellcode: http://www.phrack.org/show.php?p=57&a=5
- Multi-platform shellcode: http://www.phrack.org/show.php?p=57&a=14
- Shellcode für verschiedene Unices entwickeln: http://lsd-pl.net/unix_assembly.html
Assembler
- How do I write "hello, world" in FreeBSD assembler: http://home.ptd.net/~tms2/hello.html
- The Art of Assembly Language: http://webster.cs.ucr.edu/
- http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/x86.html
Weiteres
- InsecureProgramming?: http://community.core-sdi.com/~gera/InsecureProgramming
- http://community.corest.com/~juliano/
- Secure Programming: http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/secure.html
- http://www.hackersplayground.org/papers.html
- http://www.theta44.org/main.html
- Das Sicherheitsloch Buffer-Overflows und wie man sich davor schützt http://www.heise.de/ct/01/23/216/
Workshopfolien
- die Folien vom ersten Vortrag findet man fier: http://untergrund.bewaff.net/~chris/BO_1.pdf
- und vom zweiten: http://untergrund.bewaff.net/~chris/BO_2.pdf
t00lZ
- elf shell: http://www.devhell.org/~mayhem/projects/elfsh/
- bastard disassembler: http://bastard.sourceforge.net/
- binary editor: http://biew.sourceforge.net/
- ht editor: http://hte.sf.net/
- shell code in python erzeugen: http://oss.coresecurity.com/projects/inlineegg.html