[iarce at core-sdi.com: InsecureProgramming: hands on exploit developme

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]

Archivio: Agosto 2001 ml@sikurezza.org
Soggetto: [iarce at core-sdi.com: InsecureProgramming: hands on exploit  development]
Mittente: Igor Falcomata'
Data: 4 Aug 2001 13:16:07 -0000

approfittando dell'ennesimo viaggio in treno per tirarmi un po' avanti con
le varie maling list, ho visto questo.. potrebbe essere interessante (non ho
guardato la pagina, solo il msg):

bye
Koba (moderatore)

ps: per antirez e quelli interessati alla sua proposte (tra cui io). Se
serve coordinarsi o cmq parlare ancora dell'idea, invito tutti a spostarsi
su progetto@ (che serve proprio a queste cose). Per la ml, penso che non ci
siano problemi ad ospitarla qui (a breve un mio post su progetto@ riguardo
alla proposta di antirez e a quella di awgn)

ps2: non mi ricordo se l'ho gia' detto o no, cmq buone vacanze a quelli che
sono in vacanza e buon lavoro a quelli che sono al lavoro [etc.] :)

-- 

Igor Falcomata'
IT Security Manager & Consultant
Infosec srl - http://www.infosec.it
Network Security and Data Defense
 --
free advertising: www.sikurezza.org - Italian Security Mailing List

----- Forwarded message from Iv?n Arce <iarce at core-sdi.com> -----

From: Iv?n Arce <iarce at core-sdi.com>
To: <core.lists.exploit-dev at core-sdi.com>
Subject: InsecureProgramming: hands on exploit  development
Date: Fri, 27 Jul 2001 20:02:33 -0300
Organization: CORE SDI
X-Mailer: Microsoft Outlook Express 5.50.4522.1200

Hello
 A friend and co-worker (Gerardo Richarte, gera AT corest.com)
 has set up a web page with  a set of small vulnerable programs.

The idea behind this is to write an exploit for each of them and
while doing so learn a bit (on a hands on experience) about
interesting techniques for exploit development and how to
actually implement those techniques.
Get together all your text files and articles about buffer
overflows,  format string bugs and etceteras and go to:

http://community.core-sdi.com/~gera/InsecureProgramming/

plenty of interesting things to exploit, stack and heap overflows,
destructors, signal handlers, function pointers, PLTs, etc.

Gera says hes still working on the page but will benefit a lot
from input and feedback from anyone.

keep your exploits to yourself or post them or discuss about
them or whatever.

cheers,
-ivan

---

"Understanding. A cerebral secretion that enables one having it to know
 a house from a horse by the roof on the house,
 Its nature and laws have been exhaustively expounded by Locke,
 who rode a house, and Kant, who lived in a horse." - Ambrose Bierce


CORE SDI Inc.
Iván Arce
Chief Technology Officer
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
email   : iarce at core-sdi.com
http://www.core-sdi.com
Florida 141 2do cuerpo Piso 7
C1005AAC Buenos Aires, Argentina.
Tel/Fax : +(54-11) 4878-CORE (2673)
----- End forwarded message -----

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List

Data:
- precedente: Consorzio Security Auditing, antirez
- successivo: IMPORTANTE Alcaltel Speed Touch, Luca Berra
- indice

Argomento:
- precedente: Consorzio Security Auditing, antirez
- successivo: IMPORTANTE Alcaltel Speed Touch, Luca Berra
- indice

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005