Exploit Development Process
● Occupy EIP
● Find the offset(s)
● Determine the attack vector
● Build the exploit
● Test/debug the exploit
peda 是一款由python寫的exploit開發工具。
Peda setup and usage
http://security.cs.pub.ro/hexcellents/wiki/kb/toolset/peda
Unofficial guide by Hexcellents
github repo (latest)
bhus12-workshop.tar.gz | workshop-solution.tar.gz | telnetd exploit (by syndrowm)
screenshot1 | screenshot2
demo video (by Tri Van)