Saturday, December 8, 2012

DEP Bypass Tutorial for Vulnserver

When Vulnserver was originally released I did say at the time that I would release a tutorial that covers the process of bypassing DEP.  That was of course just before I started in a new job and my blog posting regularity pretty much dropped off the cliff.  Well the good news (for me, and for you too perhaps) is that now I don't have to write that tutorial, because someone else has already done it!

Check out the tutorial here.  I've only given it a quick skim so far, but based on what I've seen it looks pretty good.


UPDATE 22/11/2013: Yeah, the link doesn't work any more, and I can't find any copies of this tutorial anywhere else on the web. I have my own DEP bypassing exploit for Vulnserver written, and a tutorial partly done, but it's probably a while away from completion given all the stuff I have going on at the moment. If people are really keen to see a DEP bypass tutorial, let me know and if there's enough interest I might be motivated to get it done a bit sooner...

7 comments:

  1. yeh > I am interested to see the DEP lesson
    upload it >> your tuts are awesome
    thanks U so much

  2. I found an amazing lesson talking about "ROP" with the same target => Vulnserver <=
    here --> http://resources.infosecinstitute.com/return-oriented-programming-rop-attacks/
    or as a PDF version by me here:
    http://www.4shared.com/office/ht_ExK9ece/Return_Oriented_Programming__R.html
    & I hope to see yours
    Thanks Stephen Bradshaw 4 all tuts
    Best Regards

    Replies
    1. Hello Again Mr.Stephen Bradshaw (Lupin) ....
      Firstly: I wanna thank you for your amazing tutorials .. here or at infosecinstitute

      it's helped me a lot to learn exploit dev ..
      & I have some ???? & suggestions !! Pls ...

      Are you thinking about updating Vulnserver to make new tuts ??
      in other words :-

      1- adding some vuln example codes such as heap overflows & format strings & integer overflows.

      2- More complicated & long headers .. I don't know a way 2 find it :(

      3- MITM code execution example (I can't find any tut in "Google" about MITM code exec).

      4- add MSVC++ compiler protections and others ..

      5- What's new in Win 8 & 8.1

      6- Browser protections -> especially Google Chrome

      Are you thinking about posting new tuts about that?
      I hope you find some time to do this .. and I wanna tell you about your explanation way, it's perfect & helps beginners much more ..

      You can take examples from exploit exercises, that's very helpful, and use it for Windows
      Take a look --> exploit-exercises.com/


      Soon I will make your tuts as PDFs like what I do with "Mike Czumak" tuts (www.securitysift.com), you can take a look here:

      http://www.securitysift.com/category/exploits/

      PDFs folder here:

      http://www.4shared.com/folder/3F5CEXyi/Security_Sift.html

      If you continue your posts you can make a reference for Win exploitation

      ----------------------------

      oh yeah .. about the original DEP bypass lesson on (violentpython)
      I found a shot at the archive site but it's not helpful
      he is using the Mona.py script to auto-generate gadgets & the pics are not available

      if anyone wants it I will make it again for him & my ? is:
      When will you post your DEP lesson?
      & which API did you use from the corelan table?

      I can make a tut using "SetProcessDEPPolicy()", I understand it very well from "Neox"
      He was an exploit developer at Romanian Security Team | RST & made special video tuts about
      ( Win32 Exploit Development ) --> in "Romanian language" but it's very helpful "I like this guy" ..
      He supported & helped me a lot ..

      His YouTube Channel "metacom" :-
      --> https://www.youtube.com/channel/UCfPROrwtgxgIVzr8ONaNB6Q

      and now I'm studying this paper:
      "Bypassing DEP with WPM & ROP" By Sud0
      link : http://www.exploit-db.com/download_pdf/13764/


      Thanks Stephen 4 Your Time ..
      Greetings ..
      NO-MERCY

    2. Hi NO-MERCY

      The next thing I have planned is a web app with a number of complex cryptographic flaws to exploit. Tutorials on this will cover how to write scripts and web proxy (e.g. Burp Pro) plugins in order to automate detection and exploitation of these types of vulnerabilities.

      No E.T.A on that though, or on any further exploitation tutorials - I've got a few other things going on at the moment that are keeping me busy.

      What I may do is make the DEP exploit I have written for Vulnserver available somewhere - that way people at least have something to look at in lieu of a full tutorial.

  3. I'm interested in a DEP bypass tut. Thanks for sharing your knowledge.
