http://blog.csdn.net/freexploit/category/56806.aspx溢出研究zh-CNFri, 11 Jan 2008 22:43:21 GMT60FreeXploiThttp://blog.csdn.net/freexploit/archive/2008/01/11/2038442.aspxFri, 11 Jan 2008 22:43:00 GMThttp://blog.csdn.net/freexploit/archive/2008/01/11/2038442.aspxhttp://blog.csdn.net/freexploit/comments/2038442.aspxhttp://blog.csdn.net/freexploit/archive/2008/01/11/2038442.aspx#Feedback8http://blog.csdn.net/freexploit/comments/commentRss/2038442.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=2038442FreeXploiT<img src ="http://blog.csdn.net/freexploit/aggbug/2038442.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2007/02/07/1504953.aspxWed, 07 Feb 2007 23:59:00 GMThttp://blog.csdn.net/freexploit/archive/2007/02/07/1504953.aspxhttp://blog.csdn.net/freexploit/comments/1504953.aspxhttp://blog.csdn.net/freexploit/archive/2007/02/07/1504953.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/1504953.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=1504953在支付宝密码输入控件中存在一个远程代码执行漏洞，远程攻击者可利用此漏洞在被攻击者系统上执行任意代码，进而可安装木马以及间谍程序，窃取相关敏感信息比如淘宝帐号/密码，或者支付宝帐号/密码。 <img src ="http://blog.csdn.net/freexploit/aggbug/1504953.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2007/01/03/1473159.aspxWed, 03 Jan 2007 21:26:00 GMThttp://blog.csdn.net/freexploit/archive/2007/01/03/1473159.aspxhttp://blog.csdn.net/freexploit/comments/1473159.aspxhttp://blog.csdn.net/freexploit/archive/2007/01/03/1473159.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/1473159.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=1473159QQ是由Tencent公司开发的一个IM软件，在中国有着非常广泛的用户。DSW Avert在200612.31发现了QQ的几个0day漏洞，并通知了QQ官方。QQ在2007.1.1进行了升级。事实上，在此之前，幻影旅团(ph4nt0m)的axis就已经发现了这些漏洞，出于一些原因未曾公布，现在漏洞被公开了，所以将细节和可利用的POC公布如下：<img src ="http://blog.csdn.net/freexploit/aggbug/1473159.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2006/05/24/752368.aspxWed, 24 May 2006 10:06:00 GMThttp://blog.csdn.net/freexploit/archive/2006/05/24/752368.aspxhttp://blog.csdn.net/freexploit/comments/752368.aspxhttp://blog.csdn.net/freexploit/archive/2006/05/24/752368.aspx#Feedback4http://blog.csdn.net/freexploit/comments/commentRss/752368.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=752368我连忙安慰kaka说：“kaka，您别着急，您说说看，您丢的0day是啥样的，说不定我能帮您找到呢！” kaka答道：“我的0day是iis的，通杀iis5.0,iis 6.0。iis 默认配置，是个未公布的，成功率达到100%" 她又补充着说道：“有时候端口号输入错误，还能搞定3389呢。” <img src ="http://blog.csdn.net/freexploit/aggbug/752368.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2006/02/03/591253.aspxFri, 03 Feb 2006 12:07:00 GMThttp://blog.csdn.net/freexploit/archive/2006/02/03/591253.aspxhttp://blog.csdn.net/freexploit/comments/591253.aspxhttp://blog.csdn.net/freexploit/archive/2006/02/03/591253.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/591253.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=591253 * usage: * You should execute this tool without Admin privileges on the target system * using for example an user account * * srvcheck.exe -l - show vulnerable services * srvcheck.exe -m Service PATH - modify service configuration (install backdoor) * * Example for Windows XP SP2 computer <img src ="http://blog.csdn.net/freexploit/aggbug/591253.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2006/01/25/587917.aspxWed, 25 Jan 2006 02:21:00 GMThttp://blog.csdn.net/freexploit/archive/2006/01/25/587917.aspxhttp://blog.csdn.net/freexploit/comments/587917.aspxhttp://blog.csdn.net/freexploit/archive/2006/01/25/587917.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/587917.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=587917安全检查原理： 在函数开始地方，分配局部变量(记为szWinExecParam[0x414])后即设置szWinExecParam的最后4字节为一随机值，然后在函数ret前检查这个值是否被更改，如更改表示被溢出直接弹出警告对话框并退出进程。由于栈溢出覆盖ret地址前必然要完全覆盖完局部变量和ebp，因此此种检查机制简单有效，值得推荐。<img src ="http://blog.csdn.net/freexploit/aggbug/587917.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/08/27/466563.aspxSat, 27 Aug 2005 19:49:00 GMThttp://blog.csdn.net/freexploit/archive/2005/08/27/466563.aspxhttp://blog.csdn.net/freexploit/comments/466563.aspxhttp://blog.csdn.net/freexploit/archive/2005/08/27/466563.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/466563.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=466563详细描述 QQ对字库过滤不严,黑客如果使用精心构造的字符可以导致你崩溃.<img src ="http://blog.csdn.net/freexploit/aggbug/466563.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/06/26/403247.aspxSun, 26 Jun 2005 03:11:00 GMThttp://blog.csdn.net/freexploit/archive/2005/06/26/403247.aspxhttp://blog.csdn.net/freexploit/comments/403247.aspxhttp://blog.csdn.net/freexploit/archive/2005/06/26/403247.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/403247.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=403247Metasploit Framework all part 1-3<img src ="http://blog.csdn.net/freexploit/aggbug/403247.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/06/22/400711.aspxWed, 22 Jun 2005 23:26:00 GMThttp://blog.csdn.net/freexploit/archive/2005/06/22/400711.aspxhttp://blog.csdn.net/freexploit/comments/400711.aspxhttp://blog.csdn.net/freexploit/archive/2005/06/22/400711.aspx#Feedback3http://blog.csdn.net/freexploit/comments/commentRss/400711.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=400711强大溢出工具包：Metasploit命令行下的使用 （转至77169）<img src ="http://blog.csdn.net/freexploit/aggbug/400711.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/06/14/394174.aspxTue, 14 Jun 2005 15:24:00 GMThttp://blog.csdn.net/freexploit/archive/2005/06/14/394174.aspxhttp://blog.csdn.net/freexploit/comments/394174.aspxhttp://blog.csdn.net/freexploit/archive/2005/06/14/394174.aspx#Feedback1http://blog.csdn.net/freexploit/comments/commentRss/394174.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=394174已经失效的QQ exploit 喜欢就拿来研究看看吧<img src ="http://blog.csdn.net/freexploit/aggbug/394174.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/04/13/345259.aspxWed, 13 Apr 2005 03:39:00 GMThttp://blog.csdn.net/freexploit/archive/2005/04/13/345259.aspxhttp://blog.csdn.net/freexploit/comments/345259.aspxhttp://blog.csdn.net/freexploit/archive/2005/04/13/345259.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/345259.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=345259浅析mcafee的“缓冲区溢出保护”及绕过方法【安焦Leven】<img src ="http://blog.csdn.net/freexploit/aggbug/345259.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/04/03/335204.aspxSun, 03 Apr 2005 09:41:00 GMThttp://blog.csdn.net/freexploit/archive/2005/04/03/335204.aspxhttp://blog.csdn.net/freexploit/comments/335204.aspxhttp://blog.csdn.net/freexploit/archive/2005/04/03/335204.aspx#Feedback1http://blog.csdn.net/freexploit/comments/commentRss/335204.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=335204iis和apache的exploit一个是kevin1986写的 一个是我写的 呵呵<img src ="http://blog.csdn.net/freexploit/aggbug/335204.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/03/30/334260.aspxWed, 30 Mar 2005 17:04:00 GMThttp://blog.csdn.net/freexploit/archive/2005/03/30/334260.aspxhttp://blog.csdn.net/freexploit/comments/334260.aspxhttp://blog.csdn.net/freexploit/archive/2005/03/30/334260.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/334260.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=334260【例子】WIN平台缓冲溢出程序编写<img src ="http://blog.csdn.net/freexploit/aggbug/334260.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/03/30/334232.aspxWed, 30 Mar 2005 16:28:00 GMThttp://blog.csdn.net/freexploit/archive/2005/03/30/334232.aspxhttp://blog.csdn.net/freexploit/comments/334232.aspxhttp://blog.csdn.net/freexploit/archive/2005/03/30/334232.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/334232.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=334232【原理】UNF && pr1 present: Writing Linux/x86 shellcodes for dum dums.<img src ="http://blog.csdn.net/freexploit/aggbug/334232.aspx" width = "1" height = "1" />FreeXploiThttp://blog.csdn.net/freexploit/archive/2005/03/30/334212.aspxWed, 30 Mar 2005 15:52:00 GMThttp://blog.csdn.net/freexploit/archive/2005/03/30/334212.aspxhttp://blog.csdn.net/freexploit/comments/334212.aspxhttp://blog.csdn.net/freexploit/archive/2005/03/30/334212.aspx#Feedback0http://blog.csdn.net/freexploit/comments/commentRss/334212.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=334212【原理】浅析格式化串漏洞<img src ="http://blog.csdn.net/freexploit/aggbug/334212.aspx" width = "1" height = "1" />