Dobin 0x44_RemoteExploit.pdf
Dobin 0x44_RemoteExploit.pdf
Dobin 0x44_RemoteExploit.pdf
11
0.0 (0)
Fichier Détails
| Cartes-fiches | 11 |
|---|---|
| Langue | English |
| Catégorie | Informatique |
| Niveau | Université |
| Crée / Actualisé | 24.06.2019 / 24.06.2019 |
| Attribution de licence | Non précisé |
| Lien de web |
https://card2brain.ch/box/20190624_dobin_0x44remoteexploit_pdf
|
| Intégrer |
<iframe src="https://card2brain.ch/box/20190624_dobin_0x44remoteexploit_pdf/embed" width="780" height="150" scrolling="no" frameborder="0"></iframe>
|
What is a remote exploit?
Attacking an application on another computer, via the network
In what can local remote payloads be hidden in?
Local: Payloads can be in:
- Program arguments
- File
- Environment variable
- etc..
Remote:
- Packatets
- Data sent to server
How do you establish a direct connection to an exploited server?
`
How does a revershell work?
How is connection reuse doen schematic?
How does a deamon work?
WTF is this fork()?
- Create an exact copy of the current process
- Dublicate memory pages as COW (copy on write)
- If return value == 0: Your are in child
- If return value > 0: Your are the parent
WTF are sockets?
- "Bidirectional pipes"
- Pipe: read(), write()
- Or: An integer which represents a pipe
- Pretty much like file descriptors (read/write into a file)
- Child processes inherits sockets of parent
- Processes write/read to socket
- OS makes sute it transports it to the other sie (TCP/IP and stuff)
What is a zombie process <defunct>?
A zombie is a child, whose parent did not check their status after it died or was killed.
What if the parent of child dies?
When the parent of a child dies, the child gets adopted by init (pid1)
