0 0
Read Time:1 Minute, 6 Second

Part 1: https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

Part 2: https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/

Windows Binaries (Recommend that you run these on Windows 7/XP 32 bit) :

Vulnserver: https://samsclass.info/127/proj/vuln-server.htm

Minishare 1.4.1: https://www.exploit-db.com/exploits/636

Savant Web Server 3.1: https://www.exploit-db.com/exploits/10434

Freefloat FTP Server 1.0: https://www.exploit-db.com/exploits/40673

Core FTP Server 1.2: https://www.exploit-db.com/exploits/39480 Linux Binaries :

Linux Buffer Overflow: https://samsclass.info/127/proj/lbuf1.htm
Vulnerable Boxes:

Brainpan 1: https://www.vulnhub.com/entry/brainpan-1,51/
Pinky’s Palace version 1: https://www.vulnhub.com/entry/pinkys-palace-v1,225/

Other Resources :

Whitepaper Introduction to Immunity Debugger: https://www.sans.org/reading-room/whitepapers/malicious/basic-reverse-engineering-immunity-debugger-36982

Buffer Overflows for Dummies: https://www.sans.org/reading-room/whitepapers/threats/buffer-overflows-dummies-481

Vortex Stack Buffer Overflow Practice: https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/

Smashing the Stack For Fun and Profit: http://www-inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf

=================

About Post Author

Treadstone 71

@Treadstone71LLC Cyber intelligence, counterintelligence, Influence Operations, Cyber Operations, OSINT, Clandestine Cyber HUMINT, cyber intel and OSINT training and analysis, cyber psyops, strategic intelligence, Open-Source Intelligence collection, analytic writing, structured analytic techniques, Target Adversary Research, cyber counterintelligence, strategic intelligence analysis, estimative intelligence, forecasting intelligence, warning intelligence, threat intelligence
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

By Treadstone 71

@Treadstone71LLC Cyber intelligence, counterintelligence, Influence Operations, Cyber Operations, OSINT, Clandestine Cyber HUMINT, cyber intel and OSINT training and analysis, cyber psyops, strategic intelligence, Open-Source Intelligence collection, analytic writing, structured analytic techniques, Target Adversary Research, cyber counterintelligence, strategic intelligence analysis, estimative intelligence, forecasting intelligence, warning intelligence, threat intelligence