
Analyzing Malicious Documents


Popular posts from this blog

Intro To Malware Analysis

Hi folks, here I will analyze a malware sample which is possibly packed with nspack. Details are below:

SHA256: 5df0b1b07143c880c76d6e82253a20192981c83c3ea68bf86ffede6b17c01da4

File name: 5df0b1b07143c880c76d6e82253a20192981c83c3ea68bf86ffede6b17c01da4

Vanilla Buffer Overflow And Attack On Linux Platform

Buffer Overflow Attack:
What is a Buffer Overflow:
A buffer overflow happens when more data is put into a buffer than its defined length allows, so that memory is corrupted or the application crashes.
From Crashing to Exploit:
After crashing an application with a fuzzer, the next step is to own the application, that is, to exploit it: after the overflow, the extra data is written over the EIP register. We will discuss this more later. If we point EIP to the shellcode, we can exploit the application or vulnerability. Here we will discuss exploitation and gdb on the Linux platform. First we will discuss gdb. So far on the Internet we have seen lots of tutorials regarding exploits, but modern Linux has lots of protections like DEP, which we have to disable in the OS.
ASLR is implemented by the kernel and the ELF loader by randomising the location of memory allocations (stack, heap, shared libraries, etc). This makes memory addresses harder to predict when an attacker is attempt…