[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y ] [Search | Home]
4Archive logo
So, just started reading Hacking: The art...
If images are not shown try to refresh the page. If you like this website, please disable any AdBlock software!

You are currently reading a thread in /g/ - Technology

Thread replies: 12
Thread images: 2
So, just started reading Hacking: The art of exploitation
But the problem is its from 2008
What book would be recommended after this as further lecture to get me up to date?
>>
File: 51IuNDzDhwL.jpg (64 KB, 399x500) Image search: [iqdb] [SauceNao] [Google]
51IuNDzDhwL.jpg
64 KB, 399x500
>>
>>45948131
top fucking kek
but no please fuck off
>>
>>45948091
>>45948175
also, to try proving im not a complete wannabe retard, i have experience in C, C++ and also a little Python
>>
The Case for Christ by Lee Strobel
>>
Start reading stuff on the internet about beating DEP and ASLR. The concepts taught in that book are still very relevant. The only thing that has changed are the measures taken by some operating systems to prevent RCE via memory corruption. It is extremely difficult to teach ASLR bypasses, since in most every case they are different. DEP is a little more concrete, but you'll still need to find different gadgets for every exploit and possibly OS version.

I'd reccommend reading in depth about DEP and ASLR after you've finished and thoroughly understand what is in the book. Also, start doing a lot of hands on research. Maybe get better at RE. Secrets of Reverse engineering is good.

Once you've reached the point where you can find and exploit a memory corruption vulnerability to gain RCE, its time to start exploring on your own.
>>
>>45948363
Wow, thank you for your awesome help
Will definitely save this for later when i understand what you said
>>
>>45948577
No problem. A couple more hints that should help you.

When dealing with DEP (xp+, linux 2.6.8+), you'll typically use something called Return Oriented Programming (ROP), also known as "Return to libc"

When dealing with ASLR you'll need a couple things, either an abitrary read vulnerablility that will disclose memory locations of the image base (or disclose a value from which you can compute the base at which the image is loaded). If that isn't available, you might need to heap spray. Sometimes you need a combination of both.

If you read up on DEP/ROP, ASLR, aribitrary reads/memory disclosures, and heap spraying techniques (typically using an arbitrary write), you'll be off to a good start. Once you start having to deal with modern OS memory and execution protections, is when things start to get interesting.

Typically, I test my POC exploit on an XP machine (with DEP), then I move to windows 7 (ASLR + DEP), then I move to win 8 (larger ASLR seed + DEP + randomised heap). Shit can get pretty interesting. Good luck.
>>
>>45948211
>i have experience in C, C++ and also a little Python
I also have lurked in threads where the most popular languages on the board have been listed.
>>
>>45948577
https://www.youtube.com/watch?v=PMra7f4NBdM
>>
Also interested in this, what are good books to learn hacking?
>>
>>45950205
The book OP is reading (The Art of Exploitation) is really good. There are a TON of subjects you need in order to actually exploit computers (especially those w/ modern operating systems). Read books on C programming, reverse engineering, socket programming, and networking. On top of that, read The Art of Exploitation and practice a bunch.
Thread replies: 12
Thread images: 2
Thread DB ID: 30708



[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the shown content originated from that site. This means that 4Archive shows their content, archived. If you need information for a Poster - contact them.
If a post contains personal/copyrighted/illegal content, then use the post's [Report] link! If a post is not removed within 24h contact me at [email protected] with the post's information.