Java Dynamic Instrumentation #2

Continuing from Java Dynamic Instrumentation #1, this post will cover some more advanced features of the Javassist API.

Java Dynamic Instrumentation #1

Instrumentation is the process of injecting code into a compiled program. In Java, this can be done statically or dynamically. With static instrumentation, a class's bytecode is modified and written back to disk, permanently changing the class. With dynamic instrumentation, the class's bytecode is modified in memory right before it is loaded, so the class files on disk are left untouched.

Gera's Insecure Programming Advance Buffer Overflow #3

This exercise was compiled on Debian with a 2.6.32 kernel, with NX and ASLR enabled. However, those protections do not affect the difficulty of the exercise: it could have been exploited with or without them.

Gera's Insecure Programming Advance Buffer Overflow #1 (ROP NX/ASLR Bypass)

After my last post, I decided to go straight into the Advance Buffer Overflow (ABO) section and practice more ROP. The first ABO exercise was a straightforward buffer overflow.

SEH Record Exploitation

Many programming languages, such as C++, Java, Python and Ruby (and C on Windows, through Structured Exception Handling), have exception support. When an exception is raised, the program walks back through the chain of function calls until it finds an exception handler. On 32-bit Windows, SEH keeps the pointers to those handlers in records on the stack, inside the frames of the functions that registered them. So, in effect, there is a function pointer on the stack that a buffer overflow can overwrite.

JavaScript SetOffset()

While writing a JavaScript exploit, I found that there is no convenient built-in function for writing a given piece of code at a specific offset in a string.
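The helper the post is about, as an added example that is not the original post's code: `setOffset` overwrites a string at a character offset (growing it with padding when the string is too short), `setOffsetBytes` does the same for a byte offset in the `%u`-encoded strings used by browser heap sprays, and `buildBlock` uses them to drop a payload into a NOP sled. All three names, and the sample "shellcode", are assumptions made for this example.

```javascript
// Added example, not code from the original post.  Names (setOffset,
// setOffsetBytes, buildBlock) and the sample payload are assumptions.

// Overwrite `str` at character offset `offset` with `payload`.  If `str` is
// too short, the gap is filled with `pad` so the payload still lands exactly
// at `offset`; whatever follows the payload in `str` is preserved.
function setOffset(str, offset, payload, pad = "A") {
  if (!Number.isInteger(offset) || offset < 0) {
    throw new RangeError("offset must be a non-negative integer");
  }
  if (typeof pad !== "string" || pad.length !== 1) {
    throw new RangeError("pad must be exactly one character");
  }
  const end = offset + payload.length;
  if (str.length < end) {
    str += pad.repeat(end - str.length); // grow so the payload fits
  }
  return str.slice(0, offset) + payload + str.slice(end);
}

// JavaScript strings are sequences of 16-bit code units, so a string built
// from "\u9090"-style escapes occupies two bytes per unit in memory.  When
// the target offset is known in bytes, convert it to units first; an odd
// byte offset cannot be hit with a %u-encoded string and is rejected.
function setOffsetBytes(str, byteOffset, payload, pad = "\u9090") {
  if (!Number.isInteger(byteOffset) || byteOffset < 0 || byteOffset % 2 !== 0) {
    throw new RangeError("byte offset must be a non-negative even integer");
  }
  return setOffset(str, byteOffset / 2, payload, pad);
}

// Build one spray block of `blockBytes` bytes: a sled of 0x90 bytes with
// `shellcode` (a %u-encoded string) placed at `shellcodeByteOffset`.
function buildBlock(blockBytes, shellcode, shellcodeByteOffset) {
  if (!Number.isInteger(blockBytes) || blockBytes <= 0 || blockBytes % 2 !== 0) {
    throw new RangeError("block size must be a positive even number of bytes");
  }
  const sled = "\u9090".repeat(blockBytes / 2);
  return setOffsetBytes(sled, shellcodeByteOffset, shellcode);
}

// Constructed sample: a fake 8-byte "shellcode" (int3 bytes) placed 16 bytes
// into a 64-byte block.
const demoBlock = buildBlock(64, "\ucccc\ucccc\ucccc\ucccc", 16);
```

Because `setOffset` pads rather than throwing when the target string is short, the same call works whether the container string was pre-sized or not; the byte-offset wrapper exists so that offsets read from a debugger do not have to be halved by hand.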

Gera's Insecure Programming warming up stack #1 (ROP NX/ASLR Bypass)

I started with gera's exercises on format string vulnerabilities, and I am going to move on to the stack next. This post is my first ROP practice, and it was fun :). The main purpose of the "warming up the stack" exercises is just to bypass the canary, but I wanted to make it harder and get a shell out of it.

CSAW CTF: Munchbrunch Writeup