Security Basics
Re: locating exploits in open source May 22 2012 05:00PM Littlefield, Tyler (tyler tysdomain com) (1 replies)
Re: locating exploits in open source May 22 2012 06:29PM AK (platsakos gmail com) (1 replies)
Re: locating exploits in open source May 22 2012 09:44PM Bob Bobson (suhettak gmail com) (2 replies)
https://thepiratebay.se/torrent/6519397/Damn_Vulnerable_Linux_1.5_-_Infectious_Disease
On 5/22/2012 2:44 PM, Bob Bobson wrote:
> Alternatively you can attempt to locate a version of Damn Vulnerable
> Linux. Although it has been discontinued and most torrents have died
> by now (there are still a few seeds here and there), it remains one of
> my personal favorites when it comes to learning about vulnerabilities.
>
>
> On 22/05/12 20:29, AK wrote:
>
>> ASLR is not your only problem under Linux. If you are using a modern
>> distribution (e.g. your homebox) there are loads of other protections
>> enabled. Your best bet is to download an older one, turn off protections
>> where needed (via proc and via linker options) and start from there.
>> Userland exploitation is not beginner material with all the mitigations
>> enabled.
>>
>> On 5/22/12 7:00 PM, Littlefield, Tyler wrote:
>>> Thanks all for the info. I really appreciated it. Luckily I have some
>>> experience with asm, though it is limited. The videos are nice, though
>>> I am going to have to supplement them with extra materials more than
>>> usual, since I am blind and it's hard to tell what he is doing all the
>>> time.
>>>
>>> Anyway, again I appreciate the help. I do have a question.
>>> If I am going to use a buffer overflow, I want to make sure I
>>> understand this right.
>>> If I have a function like:
>>> void foo(char* x);
>>> that means that I'd need to push an argument and call foo.
>>> push eax
>>> call foo
>>> now that I've called foo, it's going to set up the stack:
>>> gcc's disasm does something like:
>>> push ebp
>>> mov ebp, esp
>>> so now we have:
>>> ebp+8 >> x
>>> ebp+4 >> return
>>> ebp >> old ebp (?)
>>> so let's say that I declare a static buffer (you would sub ebp, 4) for
>>> that extra variable and it was a buffer. so if it was ebp-4, I could
>>> store an int there.
>>> now if I wanted to overflow that, I would have to fill ebp-4, which is
>>> the variable, ebp which is the pointer to the old frame (explanation
>>> there would be cool--I am kind of confused on what the "old frame"
>>> is); is it just the point on the stack (esp) where the previous
>>> frame's locals and that are stored? and then ebp+4. So I would have to
>>> feed that buffer 12 bytes to overwrite the return.
>>> so, this leads me to two final questions.
>>> First, is there a way perhaps to return backwards? So if I could
>>> manage to squeeze shellcode into those first 8 bytes (is that a
>>> possibility?) I could return to that and execute that? If I return to
>>> a function, how do I make that function do what I want? Being able to
>>> run any function in the code seems nice, but calling printf for
>>> example doesn't really do much for me. It would also require that I
>>> somehow get my arguments on the stack.
>>> Finally, let's say I found a function with GDB. With ASLR, is that not
>>> guaranteed to change when I execute the program again?
>>>
>>> Hopefully this is the right place for these questions--if not, I would
>>> appreciate other resources where this could be asked.
>>> Thanks,
>>> Ty
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>> Securing Apache Web Server with thawte Digital Certificate
>>> In this guide we examine the importance of Apache-SSL and who needs an
>>> SSL certificate. We look at how SSL works, how it benefits your
>>> company and how your customers can tell if a site is secure. You will
>>> find out how to test, purchase, install and use a thawte Digital
>>> Certificate on your Apache web server. Throughout, best practices for
>>> set-up are highlighted to help you ensure efficient ongoing management
>>> of your encryption keys and digital certificates.
>>>
>>> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>>
>>
[ reply ]
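
An added example, not part of any post in this thread: a small C program that prints the frame layout asked about in the quoted question (the local buffer, the saved frame pointer or "old ebp", and the return-address slot) using the GCC/Clang builtins `__builtin_frame_address` and `__builtin_return_address`. The struct `frame_view` and the body of `foo` are constructed for illustration, and the copy into the buffer is bounded, so the saved words are only read, never overwritten.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed illustration: one function's view of its own stack frame. */
struct frame_view {
    uintptr_t buf;       /* address of the local buffer                     */
    uintptr_t frame;     /* foo's frame pointer (ebp on x86, rbp on x86-64) */
    uintptr_t saved_fp;  /* word at [frame]: the "old ebp", i.e. the frame  */
                         /* pointer the caller was using (assumes the       */
                         /* caller was built with frame pointers)           */
    uintptr_t ret_slot;  /* word at [frame + word size]                     */
    uintptr_t ret_addr;  /* return address as the compiler reports it       */
    long gap;            /* bytes from buf[0] to the return-address slot    */
    size_t copied;       /* bytes actually stored in buf                    */
};

__attribute__((noinline)) struct frame_view foo(const char *x)
{
    char buf[4];
    uintptr_t *fp = __builtin_frame_address(0);
    struct frame_view v;

    /* Bounded copy: at most sizeof buf - 1 bytes, always terminated. */
    strncpy(buf, x, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';

    v.buf = (uintptr_t)buf;
    v.frame = (uintptr_t)fp;
    v.saved_fp = fp[0];
    v.ret_slot = fp[1];
    v.ret_addr = (uintptr_t)__builtin_return_address(0);
    v.gap = (long)((uintptr_t)&fp[1] - (uintptr_t)buf);
    v.copied = strlen(buf);
    return v;
}

int main(void)
{
    struct frame_view v = foo("AAAAAAAAAAAAAAAA"); /* longer than buf */

    printf("buf             %p\n", (void *)v.buf);
    printf("frame pointer   %p\n", (void *)v.frame);
    printf("saved old fp    %p\n", (void *)v.saved_fp);
    printf("return address  %p (slot holds %p)\n",
           (void *)v.ret_addr, (void *)v.ret_slot);
    printf("buf -> return slot: %ld bytes, copied %zu\n", v.gap, v.copied);
    return 0;
}
```

Run it twice with ASLR enabled and the stack addresses differ between runs, while the buffer-to-return-slot distance stays the same for a given build. That distance depends on the compiler: alignment padding or a stack canary can make it larger than a hand count of the locals suggests.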