In our team's latest blog post, we build a few examples that showcase ways in which memory corruption vulnerabilities could manifest in Delphi code despite being included in a list of "memory safe" languages within a paper published by the NSA. We cover how compiler flags and dangerous system library routines could affect memory safety while demonstrating Delphi stack/heap-based overflow examples and conclude with a few tips for developers to avoid introducing memory vulnerabilities in their ...| Include Security Research Blog
Protecting devices from malicious use is often a cat-and-mouse game between security researchers identifying software vulnerabilities (CVEs) and product-makers patching them before attackers can exploit them. As a result, devices can no longer be developed, shipped and forgotten. Instead, manufacturers must commit to keeping those devices up to date and free from critical vulnerabilities for …| www.thegoodpenguin.co.uk
And I’m back with another write up tracking my progress figuring out all the ways to break vulnserver! This time we will fuzz and break the GMON command. This time we will see that it’s not a classic buffer overflow, but rather a very specific overflow that requires a bit more work to make it work for us. Without going into more detail too early, let’s start fuzzing the application!| anubissec.github.io
This is it, I’m jumping on the bandwagon of documenting my OSCE/CTP prep. Even though blogs like this are plentiful, and certainly will contain a larger wealth of knowledge than what will be found here, I am mainly doing this for my own tracking. I would like to not only see my own personal growth, but I’ve always said to people “If you can teach/explain a topic to someone else, that’s when you know you fully understand it.”| anubissec.github.io
Εισαγωγή H προστασία Data Execution Prevention (αποτροπή εκτέλεσης δεδομένων) ή εν συντομία DEP, αποτελεί ένα σύνολο τεχνολογιών Hardware (υλικού) και Software (λογισμικού) που πραγματοποιούν πρόσθ…| Ghost in the Lab
Πριν από μερικές μέρες, για τις ανάγκες ενός project, κατέβασα την freeware εφαρμογή CPE17 Autorun Killer (AntiAutorun), η οποία έχει σκοπό της, την διαγραφή των ύποπτων “autorun.inf” α…| Ghost in the Lab
Σε προηγούμενα άρθρα (1,2) καταφέραμε –σχετικά εύκολα– να ανακατευθύνουμε τη ροή του προγράμματος στο οποίο επιτεθήκαμε, με αποτέλεσμα να εκτελέσουμε επιτυχώς δικό μας κακόβουλο κώδικα …| Ghost in the Lab
PMSoftware Simple Web Server 2.2-rc2: The easy and small way to open an HTTP Web Server. Now HTTP/1.1 compliant, RTSP/1.0, PAWN and LUA plugins A Simple Web Server (for example can be used t…| Ghost in the Lab
The following vulnerable application (server.exe) was part of the Appsec Research 2012 University Challenge. Goal: To open a command shell on the server with privileges of the vulnerable echo serve…| Ghost in the Lab
Update: The module has been added to the Metasploit tree. Thanks to jduck for cleaning it up and generalizing it! View here; now just use svn update to get the module. — In my previous post…| my 20%
While perusing Full Disclosure recently, I came across Jon Butler’s Proof of Concept (PoC) exploit for Easy FTP Server 1.7.0.2, an obscure FTP server. I’m no expert on exploit developme…| my 20%