thc.org:/root/docs/exploit_writing/

The Hacker's Choice has published some papers that directly or indirectly deal with exploit writing and the exploited vulnerabilities. The papers are available online:

For completeness the current directory contains other interesting and nifty work also related to exploits.

  Name Last Modified Size Inode

- BSD-heap-smashing.txt    29-Oct-2006 20:33:08    118k    0x97bef0b2

BSD Heap smashing

- Exploiting the wilderness.txt    29-Oct-2006 20:33:08    31k    0xc31add17

Exploiting the wilderness

- defeating-w2k3-stack-protection.pdf    29-Oct-2006 20:33:08    111k    0x57f79fc4

Defeating Windows 2003 stack protection

- formatstring-1.2.pdf    29-Oct-2006 20:33:08    229k    0xea26c330

Exploiting Format String Vulnerabilities

- heap_off_by_one.txt    29-Oct-2006 20:33:08    13k    0x68576ab2

Heap off by one

- heaptut.txt    29-Oct-2006 20:33:08    43k    0x3bfe4382

w00w00 on Heap Overflows

- mipsshellcode.pdf    29-Oct-2006 20:33:08    158k    0x24b1fa76

Writing MIPS/IRIX shellcode

- msrpcheap.pdf    29-Oct-2006 20:33:08    2M    0x16f374e1

Exploiting the MSRPC Heap Overflow - Part 1

- msrpcheap2.pdf    29-Oct-2006 20:33:08    610k    0x3b53a6a1

Exploiting the MSRPC Heap Overflow - Part 2

- p49-0x0d.txt    29-Oct-2006 20:33:08    65k    0xebd0e025

Smashing The Stack For Fun And Profit

- p55-0x08.txt    29-Oct-2006 20:33:08    19k    0x0aff6660

The Frame Pointer Overwrite

- p55-0x0f.txt    29-Oct-2006 20:33:08    77k    0xa2144279

Win32 Buffer Overflows (Location, Exploitation and Prevention)

- p56-0x05.txt    29-Oct-2006 20:33:08    27k    0x42853e8e

Bypassing StackGuard and StackShield

- p57-0x05.txt    29-Oct-2006 20:33:08    21k    0xf6fb5b9b

Writing shellcode for IA-64

- p57-0x08.txt    29-Oct-2006 20:33:08    118k    0xa1fe69a6

Smashing The Heap For Fun And Profit

- p57-0x09.txt    29-Oct-2006 20:33:08    34k    0x7a591bf0

Once upon a free()...

- p57-0x0f.txt    29-Oct-2006 20:33:08    87k    0xdf55146e

Writing ia32 alphanumeric shellcodes

- p58-0x04.txt    29-Oct-2006 20:33:08    72k    0x5bb50347

The advanced return-into-lib(c) exploits: PaX case study

- p60-0x06.txt    29-Oct-2006 20:33:08    63k    0x74ab3bf8

Smashing The Kernel Stack For Fun And Profit

- p60-0x0a.txt    29-Oct-2006 20:33:08    27k    0x8e70997c

Basic Integer Overflows

- sol-ne-stack.html    29-Oct-2006 20:33:08    28k    0x3d0c2f00

Defeating Solaris/SPARC Non-Executable Stack Protection