I know, describing long hours of trial-and-error tedium as exciting is pretty nerdy. But I think the description is appropriate when it comes to shellcoding. I still remember the first time I got root on a Linux target with a carefully crafted overflow and some shellcode. I literally yelped when I saw the shell! Chapter 7, Stack and Heap – Memory Management, was a nice introduction to the buffer overflow concept and shellcoding fundamentals, but there was something missing that made it less yelp-worthy. That's right: we were using a vulnerable C program with a main function very similar to countless other introductory demonstrations of the concept. We even disabled security measures to make it work. It felt like we were sitting in the classroom wondering when we'd use this stuff in the real world. I felt like a teenager again, but not...
United States
Great Britain
India
Germany
France
Canada
Russia
Spain
Brazil
Australia
Singapore
Hungary
Philippines
Mexico
Thailand
Ukraine
Luxembourg
Estonia
Lithuania
Norway
Chile
South Korea
Ecuador
Colombia
Taiwan
Switzerland
Indonesia
Cyprus
Denmark
Finland
Poland
Malta
Czechia
New Zealand
Austria
Turkey
Sweden
Italy
Egypt
Belgium
Portugal
Slovenia
Ireland
Romania
Greece
Argentina
Malaysia
South Africa
Netherlands
Bulgaria
Latvia
Japan
Slovakia