Today, I am presenting the solution for the first challenge which consists basically in giving a solution for /010 - vulnerability analysis/01_warming_up_on_stack/stack1.exe of the package playing around with the stack through buffers using the ImmunityDebugger as a main tool. I am going to create the same solution but now using the IDA disassembler.
It is good to mention that all of the challenges for this chapter are the old Gera's InsecureProgramming challenges compiled as Windows executables. Originally, the researchers interested in source-code auditing can use those challenges -written in C- to understand how the code looks and then also identify/exploit such vulnerabilities contained within the code. Of course we can get the source for all the challenges, but we are good boys and we are not cheating and our target is to solve the challenges from a Reverse Code Engineering (RCE) perspective.
Said so, here the video:
Suggestions? Comments? Drop me an e-mail: chr1x@izpwning.me
Links:
Binary Auditing Training Package (http://www.binary-auditing.com)
No comments:
Post a Comment