In this article we’ll present how we can hook the System Service Dispatch Table, but first we have to establish what the SSDT actually is and how it is used by the operating system. In order to understand how and why the SSDT table is used, we must first […]
In this article we presented the details of using the sysenter instruction to call from user-mode to kernel-mode. In older versions of Windows operating systems, the “int 0x2e” interrupt was used instead, but on newer systems sysenter […]
PDF files have become very common in everyday work. It’s hard to imagine business proposals without PDFs. The PDF format is used in almost all companies to share business deals, company brochures, and even invitations.
Previous years were not good for PDF users, as several vulnerabilities were published, such as […]
In recent years, several researchers have studied Linux kernel security. The most common kernel privilege vulnerabilities can be divided into several categories: NULL pointer dereference, kernel space stack overflow, kernel slab overflow, race conditions, etc.
Some of them are pretty easy to exploit and there is no need to […]
A heap overflow is a form of buffer overflow; it happens when a chunk of memory is allocated on the heap and data is written to this memory without any bounds checking being done on the data. This can lead to overwriting some critical data structures in […]
This article describes the stack. GDB is used to analyze its memory. One needs to know this subject to play with low-level security.
Environment: x86, Linux, GCC, GDB.
The following registers are mentioned in the article:
ESP (points to the top of the stack)
EBP (is used as a reference when […]
Most of the programs that we use every day contain bugs; a bug is a malfunction in a program that can make the program take unwanted actions or produce errors. These bugs or vulnerabilities can be exploited by writing code that is usually called an exploit. The most common […]
Let’s present all of the registers, as seen in OllyDbg:
Let’s explain this picture a little better. At the top of the picture, the general purpose registers are given. The EBP and ESP registers are generally used with stack frames, while the other registers can be used by the program […]