3.19.2010

Exploit writing tutorial site? This is what you're looking for...

On 11 March this year I asked this question on my twitter account: "Is there a woodmann.com alternative to our security scene? I don't care about the good/bad guy part, I just want to know if it exists!" and I received no answer.
While searching the internet in the usual places, I found something interesting on Offensive Security's blog, entitled QuickZip Stack BOF 0day: a box of chocolates. It sounded interesting, so I took a peek at it. Damn, it was the best thing I did this entire month. That article/blog post, call it whatever you want, simply rocks!
Do you remember all the vulnerability reports that you see on milw0rm/secunia/vupen/securityfocus? They simply announce the bug, and if you're lucky they write a few lines of code or a PoC for it. I'm not suggesting that this is bad, but if you want to see the logic behind it all, you're lost, because that's a topic that's not covered. Sometimes you see a shellcode and you just stare at it. Why is it there? Why is it so long/short? Why doesn't it work anymore if I change something in it? How did someone find a bug, then exploit it and write that shellcode? These questions remain after you've read any vulnerability report on the sites mentioned earlier. But not with QuickZip Stack BOF 0day: a box of chocolates. The author takes you step by step. The best thing of all is that he's not feeding you his way of doing things. He writes a dozen times that you should stop reading, think for yourself what you would do at that particular stage, and only after that read further. This is absolutely amazing. That way of teaching/writing reminds me of a famous quote by the famous cracker +ORC that's still used in the cracking scene, and it's still valid and true nonetheless:

"If you give a man a crack he'll be hungry again tomorrow, but if you teach him how to crack, he'll never be hungry again".

This is what Peter Van Eeckhoutte (corelanc0d3r) does. Do you want to hear more good news? He has posted the 2nd part of the article: QuickZip Stack BOF 0day: a box of chocolates Part 2.
Are you ready for more great news? He has made a series of tutorials on how to start writing exploits in the same manner! You can start reading them with the first one, called Exploit writing tutorial part 1 : Stack Based Overflows, and go on until you reach his last article (Exploit writing tutorial part 9 : Introduction to Win32 shellcoding at this date). His blog is full of excellent, well-written articles. Do you have problems understanding some of his tutorials? Go to the forum and ask a question. How cool is that?
Even though nobody answered my question on twitter then, I sure can answer it myself now: there is a very well written site, and that's Peter Van Eeckhoutte's blog.
I'm very happy that I took the time to search for the answer to my question, because it surely does pay off.
Thanks Corelan Team and I hope the rest of you will find it at least as good as I did!
