Whitepaper called SafeSEH+SEHOP all-at-once bypass exploitation method principles.
83ce42a2ebc0a0cb5a110a97fb019c23Whitepaper called Evading Antimalware Engines via Assembly Ghostwriting.
ef81349fd7e316af1415093967278318Whitepaper called Bypassing Windows 7 Kernel ASLR. In this paper, the author explains every step to code an exploit with a useful kernel ASLR bypass. Successful exploitation is performed on Windows 7 SP0 / SP1.
defeccd4921f777f49317eddd9b03190Whitepaper called Bypassing IDS with Return Oriented Programming. It heavily discusses and shows the point of leveraging polymorphic shellcode in order to bypass detection.
28f53d8ad007672928e4dc56784e256dWhitepaper called Bypassing ASLR/DEP. It discusses techniques to bypass these security mechanisms and how custom shellcodes are developed.
5ff29ab616f229f91f054533fb673a46Using the attacks in this paper allows you to bypass all of PHPIDS's rule sets, which defeats all protection PHPIDS can provide. Furthermore, on a default install of PHPIDS the log file can be used to drop a PHP backdoor. This can use PHPIDS as a vital steping stone in turning an LFI vulnerability into remote code execution. The end result is that use of PHPIDS 0.6.5 can make you less secure. All of these issues have been fixed in version 0.7.
9ab07f1c927a13a3d156d301289a0974Whitepaper called Defeating DEP (Data Execution Prevention) through a mapped file.
6d9e97c2c0ec1ec449e0d4d86d17f894This whitepaper details the ins and outs of return-oriented programming and DEP bypass.
3c0ba7861fe225de4f31036a46b987d2Whitepaper called Defeating Data Execution Prevention and ASLR in Windows XP SP3. Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.
a67067e8e0dae7f182a786213b30aed6Whitepaper called Bypassing Anti-Virus Scanners.
ac6502acce41650496faa087d474e6f0Whitepaper called Antivirus / Firewall Evasion Techniques : Evolution of Download Deploy Shellcode.
63609462407d404c3c538d32c4e57027Whitepaper called Bypassing Browser Memory Protections.
95657eee5f5fc56951e75e9d64ec3813Whitepaper called Evading AV Signatures - Derailing Antivirus.
5367708e1ee5bd9006afd06da4193ce7Whitepaper called Binary Code Modification. Written in Turkish.
5bb8b9a2f5e202fafd9435e503a608d2Bypassing DEP with WPM and ROP Case Study - Audio Converter by D.R. Software.
0f909efeee056cdc9d9283d2dc1b3247Fortify (FORTIFY_SOURCE as used with gdb) suffers from a little trick that allows for reading of arbitrary address space.
d8d53c926f4714c404d8adaf19edcabcWhitepaper called Injection Techniques to Anti Bypass.
ada6a900b2e6c08eb559b13b8cd5e47aThis paper documents a cross site scripting workaround for strip_tags and addslashes.
bc453f713eb3b22ad67384331372b7faWhitepaper called Bypassing Oracle DBMS_ASSERT (in certain situations). Originally written in July of 2008 but is just being released now.
2ebf0727b0106460bbbc700063cb4301Whitepaper called Bypassing Hardware Based Data Execution Prevention (DEP) on Windows 2003 SP2.
88722c8393820193c531964be64b5bb8Whitepaper called Evading network-level emulation.
bb07c56d03bfe2de76398463853fc273Whitepaper called Bypassing Authentication with Reverse Engineering in Linux x86. Written in French.
19c50bb676b1d10a4180966e99a16b50Whitepaper called Bypassing Authentication With Buffer Overflows. Written in French.
2af1e89fe2f47f17731b04650d8956f2Whitepaper called Bypassing Windows Server 2008 Password Protection.
fee5be61a66c109fa759c9fe3bf75210Brief whitepaper discussing return to LIBC exploitation on Linux.
f26ae137d661666b5f6007106966c68a
© 2011 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed