Monthly Archives: April 2014

DEP Bypass: Mini HTTPD Server 1.2

In my “Writing exploit on win32 from scratch: Mini HTTPD Server 1.2” blog post, I pointed that we were working on a Windows SP SP3 box with no DEP (data execution prevention). That’s not real, Windows XP SP3 has DEP,

Posted in Exploiting, win32

From exploit to Metasploit: Mini HTTPD Sever 1.2

This post is to explain how to convert our Mini HTTPD Server 1.2 Exploit to a Metasploit module gaining a lot of flexibility to chose our payloads and targets (once defined in the module of course). Here there is an

Posted in Exploiting, Metasploit, python, win32

Mini HTTPD 1.2 Exploit writing from scratch.

Introduction Some time ago since I wrote my last post cause lately between work, trainings, conferences and some software development my “Free Time” suffered a “Buffer Overflow”. But hey, now found some time and I decided to create the first

Posted in Exploiting, win32