HackMag

  • Mobile
  • Security
  • Malware
  • Coding
  • Unix
  • Devops
  • HackMag

  • Mobile
  • Security
  • Malware
  • Coding
  • Unix
  • Devops
  • Sign Up
  • Log In
  • Subscriptions
  • Log Out

Quarrel on the heap. Heap exploitation on a vulnerable SOAP server in Linux

Written by Marsel Shagiev

This paper discusses a challenging CTF-like task. Your goal is to get remote code execution on a SOAP server. All exploitation primitives are involved with the heap in one way or another; so, you’ll learn a lot about functions interacting with it. Also, you’ll reverse a Linux binary using a dynamic instrumentation framework.
Read full article →

Protected by Qrator Labs
Recent Posts
  • Attacks on the DHCP protocol: DHCP starvation, DHCP spoofing, and protection against these techniques
  • Poisonous spuds. Privilege escalation in AD with RemotePotato0
  • Infiltration and exfiltration. Data transmission techniques used in pentesting
  • Nightmare Spoofing. Evil Twin attack over dynamic routing
  • Herpaderping and Ghosting. Two new ways to hide processes from antiviruses
Recent Comments
  • n01 on Spying penguin. Windows post-exploitation with a Linux-based VM
  • professional retard on Software for cracking software. Selecting tools for reverse engineering
  • Jim on Using Android to keep tabs on your girlfriend. With her consent, of course!
  • john on Homemade keylogger. Writing an undetectable keylogger in C#
  • Hosay on What data Windows 10 sends to Microsoft and how to stop it
What do you think about HackMag.com domain name?
  • Add your answer
  • Add your answer
×
You or your IP had already vote.
Recent Posts
  • Attacks on the DHCP protocol: DHCP starvation, DHCP spoofing, and protection against these techniques
  • Poisonous spuds. Privilege escalation in AD with RemotePotato0
  • Infiltration and exfiltration. Data transmission techniques used in pentesting
  • Nightmare Spoofing. Evil Twin attack over dynamic routing
  • Herpaderping and Ghosting. Two new ways to hide processes from antiviruses
Recent Comments
  • n01 on Spying penguin. Windows post-exploitation with a Linux-based VM
  • professional retard on Software for cracking software. Selecting tools for reverse engineering
  • Jim on Using Android to keep tabs on your girlfriend. With her consent, of course!
  • john on Homemade keylogger. Writing an undetectable keylogger in C#
  • Hosay on What data Windows 10 sends to Microsoft and how to stop it
  • Facebook

  • Twitter

  • Rss

HackMag.com © 2023

HackMag.com publishes high-quality translated content about information security, cyber security, hacking, malware and devops.