lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 24 Jun 2015 11:07:41 -0400
From: Craig Young <vuln-report@...ur3.us>
To: Full Disclosure <fulldisclosure@...lists.org>
Subject: [FD] ROP 101 Blog

Hi List,

FYI - This is a post for the n00bs in the audience.  If you already know
how to chain together gadgets to form a ROP chain and get a shell, this
post is not for you.

I know there are some on the list who could benefit by a better
understanding of ROP so:
http://www.tripwire.com/state-of-security/off-topic/vert-vuln-school-return-oriented-programming-rop-101/

The target binary/VM as well as some other info is available from the
VulnHub page:
https://www.vulnhub.com/entry/rop-primer-02,114/

Slides from the BSides London workshop are here:
https://speakerdeck.com/barrebas/rop-primer

Best Regards,
Craig Young
Security Researcher, Tripwire VERT
@CraigTweets

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ