Exploit Development

Exploit Development

Nostalgic memory - An attempt to understand the evolution of memory corruption mitigations - Part 4

This article series is a technical dive into the evaluation of these memory corruption mitigations. This part is focus on memory error detection tools introduced over years.

By Shubham Dubey 7 Jan 2024

Exploit Development

Nostalgic memory - An attempt to understand the evolution of memory corruption mitigations - Part 3

This article series is a technical dive into the evaluation of these memory corruption mitigations. This part is focus on mitigations that second generation, mostly introduced after 2010.

By Shubham Dubey 7 Jan 2024

Exploit Development

Nostalgic memory - An attempt to understand the evolution of memory corruption mitigations - Part 2

This article series is a technical dive into the evaluation of these memory corruption mitigations. This part is focus of mitigations that first generation, introduced before 2010 mostly.

By Shubham Dubey 7 Jan 2024

Exploit Development

Nostalgic memory - An attempt to understand the evolution of memory corruption mitigations - Part 1

Arbitrary Code execution due to memory corruption is there since the years and still a major thing. Over the year, new protective measures have been introduced periodically to mitigate these attacks.This article series is a technical dive into the evaluation of these memory corruption mitigations.

By Shubham Dubey 7 Jan 2024

Exploit Development

Impact of x64 calling convention in format string exploitation

In this post I will try to give you a brief on how format string exploitation can differ in 64 bit architecture due to different calling convention in 64 bit.

By Shubham Dubey 20 Oct 2020

Exploit Development

Breaking Antivirus: Arbitrary file deletion using Symbolic link

A newly discovered symbolic link attack in many antivirus can cause arbitrary file deletion. In this blog, we will be discussing how to create the exploit and mitigate it.

By Shubham Dubey 28 Apr 2020

Exploit Development

Understanding and Exploiting Symbolic links in Windows - Symlink Attack EOP

Symbolic link can be abused to cause elevation of privilege or arbitrary write/delete. In this article we are going to understand symlink and will learn how to exploit/abuse them.

By Shubham Dubey 16 Apr 2020

Exploit Development

Exploiting buffer overflow in Windows application through TextBox using only Alphanumeric payload

Lets look at how to exploit seh based buffer overflow in WIndows GUI application that have input restrictions of supporting only ascii characters as input.

By Shubham Dubey 7 Sep 2018

Exploit Development

Exploiting Off-by-One buffer overflow vulnerability

Off-by-one vulnerability is little difficult to find and hence can be present in big softwares.It can cause due to not aware of fact if your string provided is not null terminating then strcpy will add a null terminator at the end of string,

By Shubham Dubey 29 Jan 2018