Hi guys, sorry for the long silence! I know, I know, it has been long time from my last entry in this blog. During this year I have been very busy with my last year at university and thus I focused all my attention to pass the exams and to find a good final project […]
Hi, in this brief post I will show you the improvements I have made on “Smashing the stack in 2010”. First of all I have improved the bibliography in order to help the readers to learn and delve into as well as to give the credits to others researchers for their works. Then I have […]
In this post I am going to point out a real case of phishing against an italian bank, BCC (Banca di Credito Coperativo). Today I have received a well written mail to my university account, it says: The body obviously is in italian and it is also good from a sintax point of view, the […]
Many years have passed since the AlephOne article. This is true and fortunately we have a lot of papers dealing with buffer overflows and all its related issues in these 14 years. For example recently Peter Van Eeckhoutte has written the famous “exploit writing tutorials” that covers all aspects to exploit a Windows systems, considering […]
Hi readers, in this period i’m busy and thus no post in the last weeks, months. As soon as possible I will release a nice paper called “Smashing the stack in 2010”, born as project for the Computer Systems Security exam, it is just an introduction on stack based buffer overflows and their exploitation. It […]
In these series of posts we will see how to build some necessary tools from scratch to perform our tasks. Today we focus our attention on network, we are going to build a sniffer and a relative simple parser. Why don’t I use the well-known tcpdump? Wireshark? Tshark? First of all it’s more satisfactory to […]
In these days I’m discovering winappdbg, it’s a python module that wrap many win32 API. Why am I using this “tool”? I could take a look at Paimei and its PyDbg or Immunity Debugger with its immlib. To this choice I must thank ratsoul and swirl that, during a boring afternoon on a irc channel, […]
