Tutorials

Insecure Programming By Example

A classic exploitation learning reference developed by the amazing gera from CORE Security. I was (I believe) originally pointed to this list by pusscat and kmx2600 via a blog post that I can’t track down that you should go read, and was inspired to document it as a blog series almost-certainly by reading xorl’s blog. Many other tutorials have been written. This incomplete series is mine, written a long time ago in a gender far, far away…but still might be useful as an introduction to binary exploitation on Linux.

See the Resources section of my site for download links to the Virtual Machine images I use. There are many others that would also work.

Warming up on Stack

Insecure Programming by Example – Intro & stack1.c

Insecure Programming by Example – gdb debugging & stack2.c

Insecure Programming by Example – ruminations on stack3.c

Insecure Programming by Example – controlling EIP, stack4.c

Insecure Programming by Example: shellcode & stack5.c

Advanced Buffer Overflows

Insecure Programming by Example: Advanced Buffer Overflows 1

Insecure Programming by Example: abo2.c, not vulnerable…o rly?

Insecure Programming by Example: abo3.c

Insecure Programming by Example: abo4.c POINTER MADNESS

Insecure Programming by Example: abo5.c we GOT this…

Insecure Programming by Example: abo6/7/8 Ménage à trois

Advertisements