Smashing the Stack on FreeBSD

Here’s a simple program to illustrate a stack smash.

Gera's Insecure Programming Format String #5 (ASLR Bypass)

This post is long overdue. I decided to step it up from FreeBSD to Debian. The last format string challenge from gera is a vanilla format string. You can find this challenge here.

PHP not properly checking Params

This is a summary of [Iwaniuk 2011]

Gera's Insecure Programming Format String #4

One more completed challenge is needed before we can declare format strings dead. This challenge from the format string section of Gera’s Insecure Programming is basically solvable using the same approach as challenge #3.

Cross-Origin Resource Inclusion

This article discusses a new bug class that was introduced in XMLHttpRequest Level 2, how the bug manifests and some solutions to different problems.

Gera's Insecure Programming Format String #3

This gera’s insecure programming challenge is solvable (pwnable) in a similar fashion as my previous post. The challenge’s source is posted. The challenge can be found at gera’s format string 3

Writeup: DEFCON 19 quals (Binary L33tness 100)

Here is the write-up for the DEFCON 19 quals challenge b100 run by DDTEK. This one is somewhat funny.

RELRO: RELocation Read-Only

This article describes ELF relocation sections, how to abuse them for arbitrary code execution, and how to protect them at runtime.