StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POWhat are some advanced and modern resources on exploit writing?
primarykey
Id
1851293
data
AcceptedAnswerId
0
AnswerCount
4
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2009-12-05T06:05:33.407
FavoriteCount
15
LastActivityDate
2010-03-16T17:04:26.813
LastEditDate
2009-12-05T06:34:02.053
LastEditorUserId
2635
OwnerUserId
2635
ParentId
0
PostTypeId
1
Score
21
ViewCount
2150
LastEditorDisplayName
text
Body
I've read and finished both <a href="http://rads.stackoverflow.com/amzn/click/0764574817" rel="noreferrer">Reversing: Secrets of Reverse Engineering</a> and <a href="http://rads.stackoverflow.com/amzn/click/1593271441" rel="noreferrer">Hacking: The Art of Exploitation</a>. They both were illuminating in their own way but I still feel like a lot of the techniques and information presented within them is outdated to some degree. When the infamous Phrack Article, <a href="http://insecure.org/stf/smashstack.html" rel="noreferrer">Smashing the Stack for Fun and Profit</a>, was written 1996 it was just before what I sort of consider the Computer Security "golden age". Writing exploits in the years that followed was relatively easy. Some basic knowledge in C and Assembly was all that was required to perform buffer overflows and execute some arbitrary shell code on a victims machine. To put it lightly, things have gotten a lot more complicated. Now security engineers have to contend with things like <a href="http://en.wikipedia.org/wiki/Address_space_layout_randomization" rel="noreferrer">Address Space Layout Randomization (ASLR)</a>, <a href="http://en.wikipedia.org/wiki/Data_Execution_Prevention" rel="noreferrer">Data Execution Prevention (DEP)</a>, <a href="http://en.wikipedia.org/wiki/Buffer_overflow_protection" rel="noreferrer">Stack Cookies</a>, Heap Cookies, and much more. The complexity of writing exploits went up at least an order of magnitude. You can't event run most of the buffer overrun exploits in the tutorials you'll find today without compiling with a bunch of flags to turn off modern protections. Now if you want to write an exploit you have to devise ways to turn off DEP, spray the heap with your shell-code hundreds of times and attempt to guess a random memory location near your shellcode. Not to mention the pervasiveness of managed languages in use today that are much more secure when it comes to these vulnerabilities. I'm looking to extend my security knowledge beyond writing toy-exploits for a decade old system. I'm having trouble locating resources that help address the issues of writing exploits in the face of all the protections I outlined above. What are the more advanced and prevalent papers, books or other resources devoted to contending with the challenges of writing exploits for modern systems?
Tags
<security><exploit>
Title
What are some advanced and modern resources on exploit writing?
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USmmcdole
UserOwnerUserId
1. USmmcdole
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POWhat are some advanced and modern resources on exploit writing?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POWhat are some advanced and modern resources on exploit writing?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POWhat are some advanced and modern resources on exploit writing?
 UserUserId
 USVinko Vrsalovic
 VoteTypeVoteTypeId
 VTFavorite
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.