0xNinjaCyclone Blog

Penetration tester and Red teamer


[Exploit development] 9- Crashing the Stack: A Real-World Guide to Buffer Overflow Exploits

Intro

Hi folks, here we are again after a hiatus of months, nearly a year. I hope you are all well. This is the most interesting part of the exploitation series, where we will discuss the most famous type of memory corruption bug: the stack-based buffer overflow. We will walk through various examples of the vulnerability, why it occurs in the first place, and how it can be exploited in different scenarios depending on the nature of the target. We will also address more advanced topics, such as whether high-level languages with automatic memory management are completely safe against this type of vulnerability or not.


[Exploit development] 8- Buffer Over-Read Attacks and Developing a Real Exploit

Intro

Welcome to the eighth part of the series on discovering binary application vulnerabilities and developing appropriate exploits. In the previous part, we talked about format string vulnerabilities and how to exploit them in several ways, including leaking sensitive information from private memory. In this part, we will continue with more attacks of this type: how to discover them and how to exploit them optimally. We will also apply this to a well-known vulnerability that was discovered previously, analyze it thoroughly, and understand its nature and the reason for its occurrence. Based on that, we will develop an exploit to carry out the attack and test it in a lab dedicated to this purpose.


[Exploit development] 7- How to do magic with string format bugs

Intro

Welcome everyone to the seventh part of the exploit development series. In this article, we will discuss the format string vulnerability and the scientific and programming concepts behind it. This will lead us to answer many questions, such as why it occurs and how to make the most of it and exploit it optimally.

In the beginning, I would like to say that this type of vulnerability has become very rare, but the concepts you will learn will definitely benefit you, increase your skills as an exploit developer, and improve your way of thinking and methodology.


[Exploit development] 6- Dealing with ELF files programmatically

Intro

Welcome to our third part in the exploration of executable binary files. This article delves into the structure of ELF files, exploring the critical information they contain and how to programmatically interact with them. As previously mentioned, while the PE format is vital for cybersecurity specialists, especially in the specializations emerging from reverse engineering, our focus here is on comprehending the ELF format, which is also important. First, you had better read the first part, which is an important theoretical overview of executable binary files, and then the second part, which offers a practical in-depth exploration of Windows PE files; many of the base concepts we're gonna use here were explained in that part.


[Exploit development] 5- Dealing with Windows PE files programmatically

Intro

Welcome to our in-depth exploration of Windows PE files. Understanding the PE format is crucial for cybersecurity professionals, as it provides insight into the architecture and functioning of Windows executables. In this article, we delve into parsing PE files programmatically, a skill essential for analyzing and exploiting software vulnerabilities. Although we won’t examine every detail of the PE format, we’ll focus on the most pertinent aspects that are essential for cybersecurity experts. For foundational knowledge, I recommend reading the previous part, which offers a theoretical overview of PE files, their structure, and key concepts related to this topic. Let’s embark on this technical journey to enhance our understanding and skills in handling Windows PE files.


[Exploit development] 4- Understanding Binary Files

Intro

Hello everyone, I hope you're all well. In this article, we're going to talk about binary files. We'll look at how they are built, what they contain, their structure, and the information contained within each part: the importance of this information, the role of each piece of it, and how we can read and understand it using specialized tools. Understanding the architecture of binary files is vital for reverse engineering and for debugging and analyzing software to determine what it does so you can break it. It is also very important for developing custom shellcodes, as we'll see in the upcoming articles.


[Exploit development] 3- Understanding Heap Memory

Intro

Hello everyone, I hope you're all well. In this article, we're going to talk about heap memory. We'll look at what it is, how it works, and why software uses it. I'll explain the heap's special functions (APIs) and what happens in the background when software calls them. Let's get started and learn more about heap memory!

What is Heap?

The heap is a large contiguous region of memory that is subdivided into chunks to be dynamically allocated and deallocated at run time as needed. Each chunk in the heap contains not only the data for which memory has been allocated, but also additional metadata that guides the operating system in handling it.


[Exploit development] 2- Understanding Stack Memory

Intro

Hello everyone, I hope you are well. In this article, we will discuss the stack, why any computer program needs it, what vital role it plays, and how it works in detail. We will explore the operations performed on the stack and how they are handled. Understanding the stack will pave the way for us in the exploit development field and other fields like reverse engineering and malware development.


[Exploit development] 1- Intro

Intro

Hello everyone, I hope you are doing well. In this article we will cover some subjects like what exploit development, or binary exploitation, is. We will take a step back and cover the meaning of software, and also look at the prerequisites for getting into this field.

What is software?

Software is a set of instructions, data, or programs used to operate computers and execute specific tasks.
Any software mainly takes input, does some processing, and then exports output. The input may be taken from the user or from another piece of software; likewise, the output may be delivered to the user or to another piece of software for further processing.
The operating system is responsible for running and managing the software. It provides the resources the software needs, such as memory, the ability to execute tasks in parallel, and more.
