[Noisebridge-discuss] Smashing the stack for fun and... education?
Kurt Grutzmacher
grutz at jingojango.net
Tue Aug 4 23:12:18 UTC 2009
On Tue, Aug 4, 2009 at 2:18 PM, Sai Emrys <noisebridge at saizai.com> wrote:
> I'd be interested in this, but would suggest aiming at local (and
> possibly remote?) exploits in general, rather than buffer overflows
> exclusively.
I think you're a little confused ... Local/remote is just the method to get
your exploit code there, not a class of vulnerability.
How you get your shellcode there can change but the theory is the same --
buffer overflow, NULL pointer deref, format string, etc. Start at the
beginning and move your way. Jon's book takes this approach and it works
great.
--
Kurt Grutzmacher -=- grutz at jingojango.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20090804/caf19e44/attachment-0003.html>
More information about the Noisebridge-discuss
mailing list