Wednesday, March 2, 2011

Exploit Writers Debugging Tutorial

I have written a debugging tutorial specifically for exploit writers, which you can read at the InfoSec Institute resources site.  It covers all of the debugging skills needed to use OllyDbg for the development of Basic to Intermediate exploits, and is intended as a lead in to the tutorials I am planning on how to exploit each of the vulnerabilities in Vulnserver.

Links below:

Part 1
Part 2

 Enjoy!

4 comments:

  1. You are doing an excellent work lupin. Keep it up!!!

    ReplyDelete
  2. Just a query - I'm a novice in this computer lark, and am hoping for a pointer in a certain part of your Ollydbg tutorial. I can't get past where one has to run a code in perl script (Basicclient.pl)into the vulnserver mounted in the Ollydbg.

    (For reference, my P.C is an Intel(R) Pentium(R) 4CPU 2.60GHz 2.59 GHz)

    I've no idea how to feed in the address so that a client connection can be made. I installed active perl, which when a (pl) is opened, all that happens is a black screen flashes in the desktop and vanishes as fast as it came.
    I've searched the web for answers but have found naught.

    I'd love to get past this point to continue with the rest of the tutorial - which is absolutely great!! - Please advise . . .

    ReplyDelete
  3. Hi Jon

    Time to get familiar with the Windows command line!

    Run cmd.exe, use the cd command to change to the directory where your script is stored (cd c:\scripts\) and run the perl script from there (perl Basicclient.pl).

    You might also want to Google for some guides on using the Windows command line.

    ReplyDelete