Section: .. / papers / unix /
| /// File Name: |
adv.overflow.paper.txt |
Description:
|
Paper on writing advanced buffer overflow exploits. The early buffer overflow exploit codes only spawn a shell ( execute /bin/sh ). However, nowadays some of the buffer overflow exploit codes have very nice features. For example, passing through filtering, opening a socket, breaking chroot, and so on. This paper will attempt to explain the advanced buffer overflow exploit skill under intel x86 linux.
| | Author: | Taeho Oh, Postech Laboratory for Unix Security, and Postech Linux User Group. | | File Size: | 60166 | | Last Modified: | Oct 21 17:07:02 1999 |
| MD5 Checksum: | 766c0b7ea7f39e69f2ab7dce3503415d |
|
| /// File Name: |
AIX_Security.pdf |
Description:
|
White paper on basic security and hardening procedures for AIX. Many of the features and functions shown throughout this guide are applicable to AIX 4.3 and above, but are more directed towards AIX 5.2. This guide attempts to cover a lot of ground and offers useful and necessary insight for anyone administering AIX machines.
| | Author: | Andre Derek Protas | | File Size: | 356907 | | Last Modified: | Jul 27 23:23:39 2004 |
| MD5 Checksum: | 7ee76c37cf394cc8018decb23e4e558e |
|
| /// File Name: |
alpha-bof.txt |
Description:
|
This paper will attempt to explain how to exploit a buffer overflow under alpha linux.
| | Author: | Taeho Oh | | File Size: | 34229 | | Last Modified: | Nov 15 20:15:10 1999 |
| MD5 Checksum: | 94b882751512d04ec72662890094c208 |
|
| /// File Name: |
alpha-fmtstr.txt |
Description:
|
How to Exploit Format String Vulnerabilities under Alpha Linux. Includes techniques and example code.
| | Author: | Truefinder | | Homepage: | http://igrus.inha.ac.kr/~seo | | File Size: | 22921 | | Last Modified: | Sep 28 12:27:57 2001 |
| MD5 Checksum: | 77555d54c389c58fc5c52f1ce310a874 |
|
| /// File Name: |
asmcodes-1.0.2.pdf |
Description:
|
Unix Assembly Code Development for Vulnerabilities Illustration Purposes v1.02 - Covers IRIX / MIPS, Solaris, HP-UX, AIX, Ultrix, Linux, BeOS, and BSD. Includes system call invocation information, code specifics, "Zero free" code, ASM functionality, and examples.
| | Author: | The Last Stage of Delerium | | Homepage: | http://lsd-pl.net | | File Size: | 280120 | | Last Modified: | Jul 29 01:48:31 2001 |
| MD5 Checksum: | 024ff88ab975a35c795a04c9db0f0576 |
|
| /// File Name: |
asmcodes-1.0.2.tar.gz |
Description:
|
This package contains all codes prepared for technical paper - UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes. For every discussed processor architecture samples of various assembly components are included.
| | Author: | The Last Stage of Delirium | | Homepage: | http://lsd-pl.net | | File Size: | 14101 | | Last Modified: | Jul 29 01:50:54 2001 |
| MD5 Checksum: | 3f31db7d6cb75525ecf87fdec3047b10 |
|
| /// File Name: |
bastion11.txt |
Description:
|
Building a Bastion Host Using HP-UX 11 - Covers configuring HP-UX 10 and 11 to be a secure host, useful for firewall gateways, web servers, ftp servers, dns servers, mail hubs, and more.
| | Author: | Kevin Steves | | Homepage: | http://people.hp.se/stevesk/ | | File Size: | 54086 | | Last Modified: | Apr 12 04:31:56 2000 |
| MD5 Checksum: | fbdbe23eb6db6e5064ca9f6f7e873493 |
|
| /// File Name: |
bsdkern.htm |
Description:
|
Attacking FreeBSD with Kernel Modules - The System Call Approach. System calls can be backdoored on FreeBSD much like they can on linux, and most linux kernel modules can easily be ported to FreeBSD. Includes information on intercepting system calls, filesystem related hacks, hiding files and contests, process related hacks, file execution redirection, tty hijacking, and module hiding.
| | Author: | pragmatic | | Homepage: | http://www.pimmel.com/articles/ | | File Size: | 146950 | | Last Modified: | Dec 20 15:09:53 1999 |
| MD5 Checksum: | 6fa8de63f4d5e1d3600b411782a2ff6a |
|
| /// File Name: |
cops.ps |
Description:
|
The COPS Security Checker System: A description of one of the most popular UNIX security scanners
| | File Size: | 202735 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 1595be6f3741364a37bd6943cb0da3a1 |
|
| /// File Name: |
core_format_strings.pdf |
Description:
|
Vulnerabilities in Your Code Part II - Format string vulnerabilities and exploitation. Shows the exact location of the vulnerabilities, providing detailed explanations and exploits for each one found.
| | Author: | Core Security Team | | Homepage: | http://www.core-sec.com | | File Size: | 236465 | | Last Modified: | Jan 23 03:40:01 2003 |
| MD5 Checksum: | bb907eb9a4f60e0c9bfc8c3f75d6307a |
|
| /// File Name: |
disassembling.txt |
Description:
|
Disassembling programs on Debian Linux 2.2 using gdb.
| | Author: | Seamus | | File Size: | 12775 | | Last Modified: | Mar 15 20:20:36 2001 |
| MD5 Checksum: | 93372530435d52395912ab038d31d9bf |
|
| /// File Name: |
ebpoverflow.txt |
Description:
|
One Byte Frame Pointer Overwrite Hardcoded Exploits - This paper describes how to exploit overflows which are off by only one byte. Includes sample code.
| | Author: | Nebunu | | File Size: | 14982 | | Last Modified: | Oct 29 23:55:23 2003 |
| MD5 Checksum: | 3b316253703503292efec1f27f80389a |
|
| /// File Name: |
elf-runtime-fixup.txt |
Description:
|
Reversing the ELF - Stepping with GDB during PLT uses and .GOT fixup. This is a GDB tutorial about runtime process fixup using the Procedure Linkage Table section (.plt) and the Global Offset Table section (.got) by the dynamic linker ld-linux.so. ASM knowledge will be helpful. More info on ELF here.
| | Author: | Mayhem | | Homepage: | http://www.devhell.org/~mayhem | | File Size: | 11631 | | Last Modified: | Jan 17 01:36:17 2002 |
| MD5 Checksum: | a0158f7bb4c8098db9f9a4a633b10155 |
|
| /// File Name: |
envpaper.pdf |
Description:
|
Radical Environments part I - A paper that compiles various stack related tips and tricks which discusses how an exploit without nops works.
| | Author: | gloomy, The Itch | | Homepage: | http://www.netric.org | | File Size: | 131498 | | Last Modified: | Apr 22 01:53:49 2003 |
| MD5 Checksum: | b567cc1c11e03fc568e88bd47b06c40c |
|
| /// File Name: |
exploit.txt |
Description:
|
A tutorial on how to write shellcode and exploits, and how buffer overflows work in general. It aims to be detailed and suitable for novice exploit coders with some C understanding.
| | Author: | Mixter | | Homepage: | http://members.tripod.com/mixtersecurity | | File Size: | 21386 | | Last Modified: | Nov 29 14:09:49 1999 |
| MD5 Checksum: | 20dde7bcc0210e65d823750810cfebd9 |
|
| /// File Name: |
farmer.txt |
Description:
|
Improving the Security of Your Site by Breaking Into It: Discussion of a number of commonly used attacks on UNIX systems, and how to check your systems for vulnerability to them
| | File Size: | 51966 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 9263076a86ea1ed6433672a16ff4e69e |
|
| /// File Name: |
fbsdfun.htm |
Description:
|
Fun and Games with FreeBSD Kernel Modules - Kernel hacking using kernel modules and kmem patching. Contains information on how to intercept system calls and other calls in the kernel by altering the corresponding call table. Also shows how to alter these tables by writing to kernel memory and gives an example of patching the kernel directly without the use of modules. Furthermore an example is given on how the symbol table in the kernel can be altered.
| | Author: | Stephanie Wehner | | Homepage: | http://www.r4k.net | | File Size: | 56829 | | Last Modified: | Sep 17 22:36:32 2001 |
| MD5 Checksum: | 1c02af353600d213d821553a35d81211 |
|
| /// File Name: |
finger.htm |
Description:
|
Passive Fingerprinting is a method to learn more about the enemy, without them knowing it. Specifically, you can determine the operating system and other characteristics of the remote host using nothing more then sniffer traces. Though not 100% accurate, you can get surprisingly good results by looking at the TTL, TOS, Window Size, and DF bit. Includes information on changing your machines fingerprint on Linux and Solaris.
| | Author: | Lance Spitzner | | Homepage: | http://www.enteract.com/~lspitz/ | | File Size: | 11193 | | Last Modified: | Apr 27 15:06:36 2000 |
| MD5 Checksum: | 8bee07cbafbcbd2801a8aff717f7959d |
|
| /// File Name: |
fmat.txt |
Description:
|
An alternative method in format string exploitation - a paper discussing a method of making format string exploits static again on 2.6 with random VA.
| | Author: | K-sPecial | | Homepage: | http://xzziroz.net/ | | File Size: | 15259 | | Last Modified: | Oct 20 20:29:28 2006 |
| MD5 Checksum: | 3323b524868edd9e4a53cd3146c4d95f |
|
| /// File Name: |
fmt.tar.gz |
Description:
|
Fmt.tar.gz contains tutorials in English and German on exploiting local format string vulnerabilities. This is a summary of tutorials from http://community.core-sdi.com/~juliano and includes sample code.
| | Author: | Delikon | | Homepage: | http://www.delikon.de | | File Size: | 5662 | | Last Modified: | Aug 23 02:45:33 2002 |
| MD5 Checksum: | 07f78152dbb1ed57e5ed511cdda34553 |
|
| /// File Name: |
fmtbuild.htm |
Description:
|
Format String Builder includes code and instructions for use of a program which aids in the creation of format string exploits. Includes fmtbuilder.c, a small program to help build the strings.
| | Author: | Frederic Raynal, Samuel Dralet | | File Size: | 30808 | | Last Modified: | Aug 8 21:25:38 2001 |
| MD5 Checksum: | 585acdb32659a450e7e167a400b6d3ff |
|
| /// File Name: |
format_bugs.txt |
Description:
|
Format Bugs - What they are, Where they came from, and How to exploit them. Users can often input format strings into printf and other statments, causing the stack to be overwritten. Includes code samples and debugger output.
| | Author: | Lamarga | | Homepage: | http://lamagra.seKure.de | | File Size: | 5997 | | Last Modified: | Jun 29 18:14:50 2000 |
| MD5 Checksum: | 0f9a284535487d1ecff78e011e370e44 |
|
| /// File Name: |
formatstring-1.2.tar.gz |
Description:
|
Exploiting Format String Vulnerabilities v1.2 - Includes over 30 pages of well organized information along with several examples.
| | Author: | Scut | | Homepage: | https://www.team-teso.net | | File Size: | 214530 | | Last Modified: | Oct 11 00:41:48 2001 |
| MD5 Checksum: | b83261bd868fa46874290b59915bda58 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
