by Julien Ahrens | Friday, December 16, 2011 | Exploit
Another possible way to jump to shellcode is the PUSH ESP; RET technique. If for some reason there is no usable CALL ESP or JMP ESP, you can first use PUSH ESP to push the current value of ESP (the stack address where the shellcode sits) onto the stack, and then RET, which pops that value into EIP. So this...
by Julien Ahrens | Saturday, December 10, 2011 | Uncategorized
In my first tutorial I took a JMP ESP from a system DLL, WMVCore.dll. This is not a reliable jump, because WMVCore.dll may differ from one OS version to another, so it would be more reliable to take one from a DLL loaded by the application itself....
by Julien Ahrens | Thursday, December 8, 2011 | Uncategorized
Exploiting is a very interesting topic, and there are many ways of manipulating the stack. One of them is using a POP, RET instruction sequence. Using the “Free MP3 CD Ripper” exploit from my first tutorial, I would like to show how a POP RET is...
by Julien Ahrens | Wednesday, November 30, 2011 | Uncategorized
Hello readers again! Since I am still getting deeper into penetration testing in AppSec, it helps quite a lot to write about things to get new ideas and thoughts – so I decided to write a little tutorial on how a buffer overflow basically works, using a real world...
by Julien Ahrens | Monday, November 21, 2011 | Uncategorized
Welcome to my blog about IT-Security, Vulnerability Research, Reverse Engineering, Linux, and creativity in general :-). This blog will contain everything the Security-heart loves – enjoy your reading! This site is officially still under construction since I...