2011年4月19日 星期二

整理



最近的一些學習資料整理這樣XD


About歷史:
Memory Corruption Attacks The (almost) Complete History
https://media.blackhat.com/bh-us-10/whitepapers/Meer/BlackHat-USA-2010-Meer-History-of-Memory-Corruption-Attacks-wp.pdf

Past, Present, Future of Windows Exploitation
http://www.abysssec.com/blog/2010/05/past-present-future-of-windows-exploitation/



About Heap Spray:
Heap Feng Shui in JavaScript
http://www.blackhat.com/presentations/bh-europe-07/Sotirov/Presentation/bh-eu-07-sotirov-apr19.pdf



About JIT Spray:
Interpreter Exploitation: Pointer Inference and JIT Spraying
http://www.semantiscope.com/research/BHDC2010/BHDC-2010-Paper.pdf

Writing JIT-Spray Shellcode for fun and profit
http://bbs.pediy.com/showthread.php?p=776730



About ROP:
Return-Oriented Exploitation
https://media.blackhat.com/bh-us-10/presentations/Zovi/BlackHat-USA-2010-DaiZovi-Return-Oriented-Exploitation-slides.pdf

Bypass DEP with WPM & ROP Case Study : Audio Converter by D.R Software Exploit and Document by Sud0
http://www.exploit-db.com/download_pdf/13764/
簡體中文翻譯
http://riusksk.blogbus.com/logs/73847721.html



About Writing Exploit:
Exploit Writing Tutorials
http://www.corelan.be/index.php/category/security/exploit-writing-tutorials/
簡體中文翻譯
http://bbs.pediy.com/showthread.php?t=101217





2 則留言: