The notion of automated exploitation is something that has at one point or
another crossed the mind of almost every information security researcher since
the dawn of the science. However, due to the heavy requirement of developing
the theory, as well as the software to implement the theoretical mechanisms
required, software to perform this task has not been seen in the professional
debugging arena.
Grayscale Research has changed this with the advent of the Prototype-8
software debugging suite. This whitepaper aims not to promote this software, but
to provide the theory required to build such a system.
By utilizing the inherent native debugging libraries on the Windows and
Linux platforms, it is possible to achieve the holy grail of exploit development
for both platforms: reliable exploits that literally write themselves.
Explore how to create software that extracts raw data from the filesystem. This paper is a very detail-oriented run-through of what it takes to read from the first sector of the physical disk all the way to finding and extracting data from relevant files.
Reading this white paper will give a forensic investigator all of the tools necessary to build an engine capable of extracting data from files in the NTFS file system, regardless of whether they're locked in any way or not.
Utilizing the popular L.A.M.P platform as a base, this presentation describes the process of utilizing SQL Injections to compromise a remote host.
With Intel calling conventions as a guideline, explore a creative paper detailing methods for determining and enumerating function behavior. This paper utilizes advanced debugger theory to demonstrate how to determine the possibility of abuse of binary function calls for which no prototype is known.
The recent controversy surrounding XSS and its technical merit warrants a serious look into how to leverage this class of vulnerability. This paper intends to demonstrate how the flaw can be leveraged to steal credentials from a user, and hijack their session.
This presentation was provided for the local DC619 group, and aims to illuminate the mystery behind the Windows memory model. This presentation is a high-level overview of the concepts introduced with Intel virtual memory management in the scope of the Windows operating system.
Grayscale Research