ARM Exploitation: Return Oriented Programming (0x64 ∧ 0x6d) ∨ 0x69 Logo

ARM Exploitation: Return Oriented Programming (0x64 ∧ 0x6d) ∨ 0x69

0
Free
Visit Website

Building ROP chains to defeat data execution prevention - DEP. This series is about exploiting simple stack overflow vulnerabilities using return oriented programming (ROP) to defeat data execution prevention - DEP. There are three posts in this series. The posts got pretty dense, there is a lot of stuff to understand. If you miss anything, find bugs (language / grammar / ...), have ideas for improvements or any questions, do not hesitate to contact (via Twitter or contact page) me. I am happy to answer your questions and incorporate improvements in this post. Latest Update of this series: 03.12.2018 Changelog 03.12.2018: Added a working, prebuild environment to ease the process of getting started. 13.10.2018: Updated "Setup & Tool with hints how to initialize the Archlinux ARM keyring and commands to install the necessary packages. Also added command line switch to disable GCC stack canaries. 07.09.2018: Added note to successfully set up the bridge interface with qemu (in the first part). 1 - ARM Exploitation - Setup and Tools In the first part I describe the setup I used, which includes a set of script to build a QEMU based ArchLinux ARM environment and a vulnerable HTTP daemon.

FEATURES

ALTERNATIVES

A daemon for blocking USB keystroke injection devices on Linux systems

A tool for enumerating X-Forwarded-For headers in HTTP requests

Sniffglue is a network sniffer tool written in Rust with advanced filter sensitivity options and secure packet processing.

A Bluetooth 5 and 4.x sniffer using TI CC1352/CC26x2 hardware with advanced features and Python-based host-side software.

Automated signature creation using honeypots for network intrusion detection systems.

A Hadoop library for reading and querying PCAP files

A program to log login attempts on Telnet (port 23) and track the Mirai botnet

Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.