Archive for category Exploits
In The Hacker Games, a hostile VM is used as the target. It employs a few counterattacks among the included CTF-style challenges, so if you don’t want any spoilers, don’t keep reading!
Welcome, welcome! The time has come to select one courageous young hacker for the honor of representing District 12 in the 74th annual Hacker Games! And congratulations, for you have been selected as tribute! … Depending on your skill level, you could pwn (or be pwned) in just a few minutes or in a few hours. So hack it before it hacks you …
[Also found this lingering on my hard drive from earlier this year, the recent exploits using Java to do the same thing reminded me of this. But I think it's still valid, so here you go. Useful if the target doesn't have Java I guess.] Vanilla Firefox doesn’t seem to be missing ASLR/DEP protection; the [...]
As the recent exploits for IE using the .NET 2.0 DLL demonstrate, sometimes a non-ASLR DLL to enable an exploit is just a LoadLibrary away. So if pvefindaddr won’t give you any ASLR-free DLL’s in memory, look for other DLL’s which the process will load, given the right input. Or from a system-hardening or development [...]