
Exploit development introduce

theFaunia in the wild 2019. 3. 4. 00:15

Welcome everybody. The idea of this website is to provide detailed tutorials on Linux and Windows exploit development. The content will be in English to reach a wider range of readers. My English is not very high but I will try as much as possible to publish with good English :)

The site will mainly have two categories:

In the Windows exploiting category I will use CVEs to exploit vulnerabilities in real software. The exploitation environment will be realistic. This category will be private, for the benefit only of those who are interested in reading the article: if you have any doubts, contact me and I will give you the password to access the article so you can try to exploit the CVE on your own. The knowledge or prerequisites are the following:

- Programming in languages such as C and Python.

- Use of debuggers and disassemblers such as IDA Pro, Hopper, x64dbg or windbg.

- Knowledge about networks and the TCP/IP stack. It is advisable to use traffic capture tools such as Wireshark.

- How to use fuzzing tools to discover vulnerabilities.

- Reverse engineering is required.

- Knowledge about PE File binaries. Very nice documentation: https://nostarch.com/binaryanalysis



In the Linux exploiting category I will use pwn challenges from CTFs. The exploitation environment won't be realistic, since the software is not real: it is designed to be exploited and to teach exploitation techniques. This category will be public unless the challenges are from pwnable.tw, pwnable.xyz or pwnable.kr. Articles about challenges from those sites will be private, and the password for access will simply be the flag without its format.

If the challenges are from online CTFs listed on ctftime, the writeup or article will be public. The knowledge or prerequisites are the following:

- Programming in languages such as C and Python.

- Use of debuggers and disassemblers such as IDA Pro, Hopper, radare2 or GDB.

- Reverse engineering is required. Very nice tutorials: LiveOverflow

- Knowledge about ELF binaries. Very nice documentation: https://nostarch.com/binaryanalysis
