Buffer overflow primer review

17 11 2009

Hello all, after a while of not updating my blog, and switching blogs, I decided to finally make a new post after all.

This post will be a review on the video tutorial series “Buffer overflow primer” by Vivek Ramachandran.

Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the co-founder of Axonize. Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net

So, to start off the review with a short description:

The Buffer Overflow Primer Series are a series of 9 video tutorials about buffer overflow. The author will take you through various slideshows and practical examples, including the code and a fully detailed explanation about what each function does.

Some things included in these tutorials are:

  • analyzing the stack
  • exploiting the stack
  • converting complex c code to a simple assembly code
  • creating shellcode from this assembly code
  • using this shellcode to exploit a program

In other words, in just these 9 video tutorials, you will learn a lot. Even if you have no idea what buffer overflow is, the author explains everything step by step in the greatest detail I have ever seen.

The links to the different parts:

Part 1 (Smashing the stack)
Part 2 (Writing exit shellcode)
Part 3 (Executing shellcode)
Part 4 (Disassembling execve)
Part 5 (shellcode for execve)
Part 6 (exploiting a program)
Part 7 (exploiting a program: demonstration)
Part 8 (return to libc theory)
Part 9 (return to libc theory: demonstration)

I hope this has been helpful guys, don’t forget to follow me on twitter: http://twitter.com/raykoid666





Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: