The Basics of Exploit Development 1: Win32 Buffer Overflows
January 21, 2020, Andy Bowden, Consultant, Coalfire Labs
In this article we will cover the creation of an exploit for a 32-bit Windows application vulnerable to a buffer overflow using X64dbg and the associated ERC plugin. As this is the first article in this series, we will be looking at an exploit where we have a complete EIP overwrite and ESP points directly into our buffer. A basic knowledge of assembly and the Windows operating system will be useful, however, it is not a requirement.
Windows Update Warning
January 15, 2020, Mike Weber, Vice President, Coalfire Labs
Coalfire is issuing this notice to alert our clients about a very important set of updates that were issued by Microsoft, as well as a pre-release announcement released by Oracle. While these are commonly handled through modern enterprise patch management systems, we want to underscore the importance of the issues that were covered in this month’s update.