/osed

OSED course preparation materials.

Primary language: Python. License: MIT.

1. Exploiting Stack Overflows

Refer to chapter 3 of the EXP-301 syllabus.

1.1. Local Exploits

1.2. Remote Exploits

2. Exploiting SEH Overflows

Refer to chapter 4 of the EXP-301 syllabus.

2.1. Local Exploits

  • FTPShell Server v6.80
  • 10-Strike Network Inventory Explorer 8.65
  • 10-Strike Network Scanner v3.0
  • Millenium MP3 Studio 2.0
  • Free MP3 CD Ripper 2.6
  • Easy CD DVD Copy v1.3.24
  • Zip-n-Go v4.9
  • Boxoft Audio Converter 2.3.0
  • Easy AVI DivX Converter 1.2.24
  • My Video Converter 1.5.24
  • VeryPDF Image2PDF Converter
  • eZip Wizard 3.0
  • ASX to MP3 converter 3.1.2.1
  • DVD X Player Pro v5.5

2.2. Remote Exploits

3. Overcoming Space Restrictions: Egghunters

Refer to chapter 6 of the EXP-301 syllabus.

3.1. Local Exploits

  • docPrint Pro 8.0
  • Foxit Reader 4.1.1
  • Audacity 1.2
  • MiniShare 1.5.5
  • Free MP3 CD Ripper 2.8
  • Base64 Decoder 1.1.2
  • Frigate Professional 3.36.0.9
  • CoolPlayer+ Portable 2.19.6
  • KiTTY Portable 0.65.0.2p
  • IP-Tools 2.5

3.2. Remote Exploits

  • Vulnserver GTER
  • Vulnserver GMON
  • Vulnserver KSTET
  • Easy File Sharing Web Server 7.2
  • Xitami Web Server 2.5
  • TFTP Server 1.4
  • MinaliC WebServer 2.0.0
  • Sysax 5.53
  • Sysax Multi Server 5.52
  • Savant Web Server 3.1
  • WorldMail IMAPd 3.0

4. Creating Custom Shellcode

Refer to chapter 7 of the EXP-301 syllabus.

4.1. Local Exploits

  • GoldWave 5.70
  • CodeBlocks 17.12
  • Quick Zip v4.60.019
  • SysGauge Pro v4.6.12
  • Audio Converter 8.1
  • Foxit Reader 4.1.1

4.2. Remote Exploits

  • Vulnserver LTER
  • Vulnserver HTER

5. Stack Overflows and DEP Bypass

Refer to chapter 9 of the EXP-301 syllabus.

5.1. Local Exploits

  • ASX to MP3 converter 3.1.2.1 + DEP
  • VUPlayer 2.49 + DEP
  • DVD X Player Pro v5.5 + DEP

5.2. Remote Exploits

  • Vulnserver TRUN + DEP

6. Stack Overflows and ASLR Bypass

Refer to chapter 10 of the EXP-301 syllabus.

7. Format String Specifier Attack

Refer to chapters 11 & 12 of the EXP-301 syllabus.

7.1. Remote Exploits

  • Easy Address Book Web Server 1.2
  • Magic Winmail Server 2.3
  • ComSndFTP 1.3.7 Beta
  • XM Easy Personal FTP Server 5.30
  • BolinTech DreamFTP Server 1.02