As stated in my first post, I do not plan on re hashing content that is already available. So I will be assuming that the reader already has some understanding of the tools in use and has a good idea of how exploits work. If you are unaware of how the tools work or exploit writing in general, I would recommend heading over to Peter Van Eeckhoutte's blog and reading his exploit writing tutorials. I will make a post later with a collection of more resources.
I will try to the best of my ability to cover vulnerabilities that do not have public exploits. This may not always be the case, if I think that a particular technique would be good to show.
I will not provide malicious exploits. I will simply show the process of reading an advisory and writing an exploit for it in a proof of concept fashion.
Finally, I am not responsible for any damage done to your computer or others while following posts. They are meant to be purely educational for the reader and their research.
No comments:
Post a Comment