Monthly Archives: October 2014

Solaris 7 8 9 modload user upload kernel module

“The Shellcoder’s Handbook” comes supplied with a ready exploit against http://www.securitytracker.com/id/1008833. But it has some problems. The kernel module compiling script is broken (it needs the -c flag); otherwise it will bitch about _init and _fini being defined twice. This script uses

Posted in Sparc/Solaris

Protected: Memory Disclosure Pt. VIII

There is no excerpt because this is a protected post.

Posted in Asm, buffer overflow, C, Sparc/Solaris, Uncategorized

Protected: Smashing the Stack+Data sections PT. VII

There is no excerpt because this is a protected post.

Posted in Asm, buffer overflow, C, Sparc/Solaris, Uncategorized

Protected: Hacking Apply — Pt. VI

There is no excerpt because this is a protected post.

Posted in Asm, buffer overflow, C, Sparc/Solaris, Uncategorized

Protected: Hacking Apply – Pt. V

There is no excerpt because this is a protected post.

Posted in Asm, Bash, buffer overflow, C, Sparc/Solaris, Uncategorized

Protected: Pearl — Hacking Apply — pt. IV

There is no excerpt because this is a protected post.

Posted in Asm, buffer overflow, C, Sparc/Solaris, Uncategorized

Protected: Pearl — Hacking Apply Pt III

There is no excerpt because this is a protected post.

Posted in Bash, buffer overflow, C, Sparc/Solaris

Holy Mother of Pearl – Pt. II

Now let’s start perfecting our exploit: The above is the typical stack range for a 32-bit SPARC app in a 64-bit kernel. That’s as specific as I care for. We can create a guesser program to, based on nop-sled size, slice

Posted in Bash, buffer overflow, Sparc/Solaris

Holy Mother of Pearl — SPARC Exploitation Excerpts!

So, back to exploiting the userland gets() function. Vulnerable Test Prog: This invoke script helps me keep the stack offset the same whether I run the program in GDB or not. Note: it doesn’t work that well on my Sun

Posted in Bash, buffer overflow, Sparc/Solaris

Auditing the C ‘for’ loop

I am reading on Source Code Auditing in the Shellcoder’s Handbook ed. 1 — Off-by-One vulnerabilities. In SPARC’s big-endian systems, they are not a real threat according to the handbook. They are still part of my research and apply to little

Posted in buffer overflow, C