Posts tagged Exploitation
Below are the links and guides that tell you how to learn exploitation techniques. This guide is written by (Aka Bond).
I believe the question asked in the subject falls under the same category as when a newbie asks “How shall I learn hacking techniques?”.
Here is an attempt to share with you all a few tips and guidelines to begin the exploitation venture.
* There is a high possibility that many geeks here would not agree fully with me, but that’s the beauty of the hacking domain… everyone learns in his own way!
1. Do I need to know programming?: It’s always good to have programming experience in the hacking domain. The same applies to exploitation techniques as well, but it is not mandatory. Even without programming experience you would be able to climb up a few ladders.
But to reach a good level, you definitely need to learn programming.
Reason: Who will find the vulnerability for you at the first stage?
Answer: Fuzzing tools, source code review, reverse engineering.
Of the three techniques stated above for finding vulnerabilities, only fuzzing with available tools is an option for those who cannot code. Moreover, later on you’ll find that the available fuzzing tools do not meet your requirements and you need to code something of your own!
Conclusion: Programming skills are mandatory to become a good vulnerability researcher and exploit developer. By the way, nowadays Python is the hacker's first choice. C and Perl are a few other choices.
2. OK, anyway, I wish to taste the exploitation techniques:
a) Do I need to know assembly? Oh man, that scares me!!!
Here I would seriously suggest learning basic 8086 assembly programming if you want to go a long way in learning exploitation techniques. If you simply wish to somehow manage to list your name once on some exploit database site, don’t learn assembly.
Reason: Don’t you consider “shellcode” to be a part of an exploit? Yeah, I agree that Metasploit is the best at generating them, but all its shellcodes get detected by AVs.
Knowledge of assembly programming would help you with the following:
1. Coding your own shellcodes, whether simple ones or polymorphic shellcodes.
2. Disassembling code
3. Reverse engineering
4. Getting an inside view of how programs work: the state of registers, memory, stack and heap at every step of your program’s flow. And believe me, analyzing registers, stack, memory etc. is the most fascinating part.
Enough said to justify the points; let’s proceed with the resources you should grab and start with, in sequence:
1. Assembly for Hackers Primer Video Series by Vivek Ramachandran
The best series to start with to build up the basics. It covers the following:
a) Basics of registers, stack, memory etc.
b) Basics of using GDB (the GNU Debugger)
c) Basics of program flow and how program execution affects the state of registers, stack etc.
d) Basics of stack overflow exploits etc.
Grab it from SecurityTube.
2. Programming from the Ground Up – by Jonathan Bartlett
Reading the first 100 pages serves the purpose and would be enough for a good start. Grab it for free on the internet.
The best thing about this book is that it’s not biased towards Win32 assembly or Linux assembly. Instead, the way the author has presented the programs/code in this book gives you a deeper understanding of the activities (state of the stack, registers) going on behind the curtains.
Here I would like to mention that most of the tutorials you’ll find on Win32 assembly focus on the development of GUI programs on Windows and not on the internal state of the various memory components.
3. Having covered the first two steps, you can proceed either with shellcode development techniques or exploitation techniques.
For both of them you need to follow a deep rabbit hole.
I would like to list a few good resources for them:
a) Exploitation Techniques series by Peter Van Eeckhoutte. An awesome series of tutorials which are easy to understand and practice with.
b) The Art of Exploitation Part 1 and Part 2
c) The Shellcoders Handbook Part 1 and Part 2
d) Past, Present, Future of Windows Exploitation
http://www.abysssec.com/blog/2010/05…-exploitation/ is a good collection of the famous/popular and good articles on exploitation.
e) From 0x90 to 0x4c454554, a journey into exploitation.
Awesome resources, from scratch to diving deeper into the rabbit hole, to learn exploitation (suggested by Punter).
f) Smashing the Stack in 2010 (Suggested by Punter)
The links and sources would never end, and hence we will keep on adding them.
So do you dare to exploit now!
Remember: “Everyone Starts from Scratch”
Found interesting videos on exploitation:
Dino Dai Zovi’s Memory Corruption 101
Basic debugging for exploit development
Exploit mitigations, shellcoding, and Metasploit with Dino Dai Zovi.