The previous post explained how to set up the environment so that we would be able to actually debug the crashing process. In this post I will try to explain the process of analyzing it and building a working exploit. So the first step is to identify why it crashed in the first place.
n0limit: his legend preceded him, but the real deal is way better than the legend! No, really, this dude really helped me out in the process of making it work. When doing BOF bugs there is a HUGE difference between reading about it and putting it into practice. Another big thanks goes out to KD; he got me interested in this stuff again. I mean, with all the web exploiting going on these days… you'd almost forget about the giant of all times. The infamous Buffer Overflow!
Here we go again, another really old paper from the old kd-team.com archives. This was one of my first real fun encounters with Reverse Engineering. I know it's not used anymore and it's old and it's probably bah… but still :) there are a lot of people who start learning RE every day, and what better way than with some nostalgia and a good laugh.
So no reversing section, but still a reversing post. My personal opinion is that reversing is part of a forensic investigation in some way or another… you could state that reversing is like a very specific forensic investigator. Most people associate reversing with copyright infringements and bypassing security measures to access forbidden goodies (game cheats, for example). Reversing can also be used for legal purposes, just to name a few:
- perform a blackbox audit on an executable
- perform an investigation on a piece of malware
- help develop a quick patch until the official one is released
- learn and understand compiler optimization
I love reversing, I also hate reversing. Yet I keep practicing it and trying to learn. Why? Because it really is a beautiful way to learn new things and to relax (this depends on the person reversing, of course).