I understand the general idea of exploiting vulnerabilities. Buffer overflows and the like, but I think I DO NOT REALLY receive it.
Are there any useful sources of information that explain this area well? Maybe case studies on how certain vulnerabilities are exploited?
Even more interesting would be how the projects you worked on suffered from such problems.
I am not trying to find out about existing vulnerabilities that I could exploit. I'm trying to understand how this area can affect any projects that I can work on.
iss.net , , .
Corelancoder! https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
1 - BOF ,..., 12 - ROP. , , , /.
, , - , . Metasploit ( ) - . , Metasploitable http://www.offensive-security.com/metasploit-unleashed/Requirements#Metasploitable
, "A Bug Hunter Diary: A Guided Tour Through the Wilds of Software Security"
"A Bug Hunter Diary: A Guided Tour Through the Wilds of Software Security"
, . , , .
"The shellcoders handbook", , "The bug hunter diary" "The shellcoders handbook" , .
"The shellcoders handbook"
"The bug hunter diary"
" http://www.exploit-db.com", , , , , , , , , , calc.exe:)
, - , , , .
Source: https://habr.com/ru/post/1707057/More articles:How to bypass the requirements of VC ++ Runtime in a dll? - c ++Groovy expando metaclass - metaprogrammingДобавление элемента в контекстное меню контекстного меню Internet Explorer - c++Metric for program size - web-applicationsWhat are the basic ASP.NET form security methods? - securityhttps://translate.googleusercontent.com/translate_c?depth=1&pto=aue&rurl=translate.google.com&sl=ru&sp=nmt4&tl=en&u=https://fooobar.com/questions/1707058/grails-how-to-pass-arrays-to-gsp-pages&usg=ALkJrhigkDYLGdwzifZH31ZYQjLToLPFiQPowershell: Practical use of $ ^ and $$? - powershellMySQL: joining multiple columns into multiple tables? - joinWhat are the pros and cons of using www? - subdomainЗагрузка ClickOnce завершается с ошибкой, если у конечного пользователя нет VS2008 - .netAll Articles