sradley/osed

OSED course preparation materials.

1. Exploiting Stack Overflows

Refer to chapter 3 of the EXP-301 syllabus.

1.1. Local Exploits

• VUPlayer 2.49
• Easy RM to MP3 Converter v2.7.3.700

1.2. Remote Exploits

• Vulnserver TRUN
• Brainpan
• DoStackBufferOverflowGood
• FreeFloat FTP Server 1.0
• PCMan FTP Server 2.0.7
• MiniShare 1.4.1

2. Exploiting SEH Overflows

Refer to chapter 4 of the EXP-301 syllabus.

2.1. Local Exploits

• FTPShell Server v6.80
• 10-Strike Network Inventory Explorer 8.65
• 10-Strike Network Scanner v3.0
• Millenium MP3 Studio 2.0
• Free MP3 CD Ripper 2.6
• Easy CD DVD Copy v1.3.24
• Zip-n-Go v4.9
• Boxoft Audio Converter 2.3.0
• Easy AVI DivX Converter 1.2.24
• My Video Converter 1.5.24
• VeryPDF Image2PDF Converter
• eZip Wizard 3.0
• ASX to MP3 converter 3.1.2.1
• DVD X Player Pro v5.5

2.2. Remote Exploits

• Vulnserver GMON
• EFS Easy Chat Server 3.1
• Disk Sorter Enterprise 9.5.12
• Easy File Sharing Web Server 7.2
• freeFTPd 1.0.10
• FathFTP 1.8
• File Sharing Wizard 1.5.0
• httpdx 0.5b - FTP Server
• freeSSHd 1.2.1
• Easy Address Book Web Server 1.6

3. Overcoming Space Restrictions: Egghunters

Refer to chapter 6 of the EXP-301 syllabus.

3.1. Local Exploits

• docPrint Pro 8.0
• Foxit Reader 4.1.1
• Audacity 1.2
• MiniShare 1.5.5
• Free MP3 CD Ripper 2.8
• Base64 Decoder 1.1.2
• Frigate Professional 3.36.0.9
• CoolPlayer+ Portable 2.19.6
• KiTTY Portable 0.65.0.2p
• IP-Tools 2.5

3.2. Remote Exploits

• Vulnserver GTER
• Vulnserver GMON
• Vulnserver KSTET
• Easy File Sharing Web Server 7.2
• Xitami Web Server 2.5
• TFTP Server 1.4
• MinaliC WebServer 2.0.0
• Sysax 5.53
• Sysax Multi Server 5.52
• Savant Web Server 3.1
• WorldMail IMAPd 3.0

4. Creating Custom Shellcode

Refer to chapter 7 of the EXP-301 syllabus.

4.1. Local Exploits

• GoldWave 5.70
• CodeBlocks 17.12
• Quick Zip v4.60.019
• SysGauge Pro v4.6.12
• Audio Converter 8.1
• Foxit Reader 4.1.1

4.2. Remote Exploits

• Vulnserver LTER
• Vulnserver HTER

5. Stack Overflows and DEP Bypass

Refer to chapter 9 of the EXP-301 syllabus.

5.1. Local Exploits

• ASX to MP3 converter 3.1.2.1 + DEP
• VUPlayer 2.49 + DEP
• DVD X Player Pro v5.5 + DEP

5.2. Remote Exploits

• Vulnserver TRUN + DEP

6. Stack Overflows and ASLR Bypass

Refer to chapter 10 of the EXP-301 syllabus.

7. Format String Specifier Attack

Refer to chapters 11 & 12 of the EXP-301 syllabus.

7.1. Remote Exploits

• Easy Address Book Web Server 1.2
• Magic Winmail Server 2.3
• ComSndFTP 1.3.7 Beta
• XM Easy Personal FTP Server 5.30
• BolinTech DreamFTP Server 1.02