⚙ïļ Exploits

Binary Vulnerabilities And Exploits

In this article I will collect common binary vulnerabilities (except for the buffer overflow, which has its own dedicated article) … .

Exploit Development

Process Steps Overview

1. Fuzz and find unusual behaviour.
2. Detect any possibility to overwrite crucial parts: EIP, SEH, access violations/invalid memory addresses, etc.
3. Hijack execution.
4. Eliminate bad characters.
5. Write a PoC, spawning a reverse or bind shell, a RAT, or moving to other systems.

Return- and jump-oriented Programming

Return-oriented programming is an exploit technique that can bypass several binary defence mechanisms.

👉 Use-After-Free

This article is about the use-after-free vulnerability, its mechanics and how it can be used for evil things. Several things can be done with this vulnerability, for example reading sensitive information or achieving arbitrary code execution. Exploitation often (though not always) requires the presence of some other vulnerability as well, for example a buffer overflow.

Meltdown & Spectre

Several years ago, the internet was flooded with news about two famous vulnerabilities: Meltdown and Spectre. It took me some time to understand how both of them work, but here are the results of my attempt. To understand the mechanics of these two vulnerabilities, one needs to understand the basics that I’ve tried to explain in the article here.

Oracle Access Manager Pre-Auth RCE

Vulnerability's code - CVE-2021-35587.

📚 Intel SA 00086

Intel ME (formerly the south bridge) is the mediator between the PC and all other devices (USB devices, for example).

Alloc8

So, there are some prerequisites that one needs to have in order to get this exploit.

Buffer Overflow

Checkm8