BUFFER OVERFLOW – EXPLOITING SOFTWARE 05/2012

Download
File
HES_05_20121.pdf

Extending Control, API Hooking
By Craig Wright

In API hooking, malicious code is used to alter library function calls and returns by replacing the valid function calls with ones of the attacker's choosing. The article follows on from previous articles and goes into some of the fundamentals you will need in order to understand the shellcode creation process, how to use Python as a launch platform for your shellcode, and what the various system components are. This article includes a section on functions and calls, extends DLL injection, and then moves on to the actual API hooking process (which we will extend in coming articles). With these skills you will have the foundations for creating shellcode for exploits and hence an understanding of the process that penetration testers and hackers use in exploiting systems. You will see how it is possible either to create your own exploit code from scratch or to modify existing exploit code, whether to add functionality or to bypass signature-based IDS/IPS filters.

The Basics Of Buffer Overflow, Fuzzing and Exploitation
By Richer Dinelle

The stack can contain different kinds of information: instructions for the CPU or character strings, for example. Buffer overflows can be caused by many different programming or implementation errors. The one we will test concerns an array of characters whose bounds are not properly checked. You will see what application fuzzing is, how to exploit the bugs we find, and what problems this creates for developers in terms of program availability, functionality and, most of all, security.

Exploit a Software with Buffer Overflow Vulnerability and Bypassing ASLR Protection
By Ahmed Sherif El-Demrdash

A buffer overflow is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of a violation of memory safety. It is the most dangerous vulnerability in the software world because it could allow exploitation of any OS that includes the vulnerable software. You will learn how to write your own exploit in the Python programming language, how to bypass ASLR protection and, finally, how to run your own shellcode to control the vulnerable OS.

Recovering Passwords and Encrypted Data Remotely in Plain Text
By Daniel Dieterle

There has been a lot of buzz across the web in the last few months about a program called "Mimikatz". It is an interesting program that allows you to recover Windows passwords from a system in clear text. Why spend hours, days, or months trying to crack a complex password when you can just pull it from Windows memory as unencrypted text? Recovering passwords remotely with WCE is very similar: you create the website in SET and use the Java attack. Once the target system allows the backdoored applet to run, a remote session is created. After you connect to the session in Meterpreter, you need to run the "Bypassuac" script and connect to the newly created session that has System-level access. Then run the WCE script and the passwords are displayed in plain text. You will learn how a remote attacker can recover encrypted files, and you will understand why you should never allow scripts or programs to run from websites that you do not know or trust.

Danger of Man in the Middle Attacks to Modern Life
By Wong Chon Kit

In modern times we are all exposed through the use of computers, smart phones or any other device connected to a consolidated network. When we use the word network, we mean that we can communicate with the other party by sending information through cables or even through the air. You will learn how to perform a man in the middle attack on Linux as well as on Windows machines. You will see the trick of hiding in the network while performing intelligent information gathering. The author will also show you a common attack and how quickly such attacks can obtain information in a stealthy way. As you will see, the growing use of these tools can help anyone become a security pen tester, while in the wrong hands they could do more harm than good.

E-mail Spam Filtering and Natural Language Processing
By Yufan Guo

NLP is an interdisciplinary field that aims to automatically analyze, understand and generate human (natural) languages. This article is a brief introduction to how NLP techniques can be applied to spam filtering. It discusses spam filtering from the perspective of natural language processing (NLP). The author explains the features (e.g. binary features, TF-IDF, domain-specific features) and the machine learning models (e.g. RIPPER, Naïve Bayes classifier, SVM) that are commonly used for this task, along with their performance on different data sets. She also discusses the challenges of personalized spam filtering and possible solutions (co-training).

Security Communication and Why You Should Trundle
By Dean Bushmiller

The main focus of this article is dealing with customer communications securely, that is, trundling along to protect them. In this article the author will tell you what to do to better protect your customers. You will be able to see where the data is sitting from past reports and clean it up before an attack occurs. The article discusses the tools you use for protecting data, the data you should protect, and the business processes that you must put in place.

Overriding Function Calls in Linux
By Umair Manzoor

Function hooking and overriding play a vital role in penetration testing of thick client applications. In this article we will discuss how shared libraries in a Linux environment can be overridden without recompiling the code. By overriding the function calls we can sniff the communication protocol, modify the communication parameters and fuzz the communication protocol.


April 19, 2022
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023