|
|
Credit:
The information has been provided by inode.
For more information See: http://wayreth.eu.org/
|
|
Solaris Real World Exploits:
* ldso_ex.c v0.03 LD_PRELOAD Exploit. Working on Solaris 8/9. (CAN-2003-0609)
* padxploit.c v0.6 Remote login exploit via X25 pad. Working on Solaris 2.6/7/8. (CVE-2001-0797)
Solaris exploit templates:
Stack Overflows
* hole.c - Stack overflow vulnerable program.
* exhole_stack.c - Exploit returning into environment.
* exhole_execl.c - Exploit returning into execl of libc.
* exhole_strcpy.c - Exploit returning into strcpy for copy the shellcode on a RWX memory segment and execute it.
Heap Overflows
* heap_vuln.c - Vulnerable program to heap overflow.
* heap_exploit_dtors.c - Exploit modifing DTORS.
* heap_exploit_jmptable.c - Exploit modifing thr_jmp_table.
* heap_exploit_jmptable_auto.c - Exploit modifing thr_jmp_table with automatic search of address.
Studies:
A collection of programs/files for studying the stack creation under Solaris and the right formula for calculate the base stack padding:
sparc_stack.tar & sparc_stack_formula.txt & solaris_sparc_32bit.zip & solaris_sparc_64bit.zip
|
|