Exploit Mitigation Techniques - Part 2 - Stack Canaries

PrefaceHey there! After quite some time the second part will be finally published :) ! Sorry for the delay, real life can be overwhelming.. Last time I have introduced this series by covering Data Execution Prevention (DEP). Today we're dealing with the next big technique. As the title already suggests it will…

Dissecting and exploiting ELF files

PrefaceHi folks! For quite some time there was no article from my side. Life kept me busy with all sorts of things, but here is a little something until some cooler project emerges :) . This article will focus on explaining the ELF file format. While this may seem like a really…

Fuzzing projects with american fuzzy lop (AFL)

PrefaceThis quick article will give a short introduction on what fuzzers are, how they work and how to properly setup the afl - american fuzzy lop fuzzer to find flaws in arbitrary projects. Well known alternatives to afl (for the same or other purposes): boofuzz: Network Protocol Fuzzing for HumansGoogles…

An introduction to printer exploitation

PrefaceNote: As always the following is just a digest of all the things I could observe by working on printers myself or facts from stuff I read about recently. Since this thread about the HP printer promo videos caught some attention I will try to shed some light onto the…