Hello Jow Forums, I've been lurking here for a while, and I'm not really sure there are really experts in the matter here, but hey, I'll give you a try.
I'm getting interested in binary exploitation. What's the best strategy to learn everything? What are the best resources to keep up-to-date? Are there any IRC channels where I can chat and be insulted for my lack of skills?
>best strategy
Extremely simple.
Learn ASM of the architecture of your choice.
Know C.
Graduate to shellcoding.
It's literally that simple, and you can find a shit ton of books from beginner to 1337 H4x0r on any step of the way.
Leo Morales
As far as irc channels go, fuck off we're full
Noah Bennett
I bet you're fucking lamers anyway
Daniel Morris
Well, duh. What did you expect, a coordinated 0day/day channel?
Samuel Nguyen
I can already build my own shellcode, but CTF-grade exploitation isn't like the real-world kind.
An IRC with people to reply to my stupid questions would be really useful.
Giving AFL crashes in popular software in exchange.
Asher Howard
Nope, but a place where I can learn how to make my memory corruptions actual working exploits
Oliver Cooper
CTF anything is nothing like real-world exploitation.
You need to do what basically everyone else does: get IDA, learn to use it, and crack applications like that.
I sincerely doubt you'll ever crack C code of any importance with any shellcode in [current year].
If you want to go full edge blackhat, all the money is in db exploitation by now.
Tyler Sanders
> I sincerely doubt you'll ever crack C code of any importance with any shellcode in [current year]
Every conference every year has memory corruption for the most used browsers.
And forget about the money, I'm not doing that for that reason
Lincoln Rivera
Also, I already stated that I have vulnerabilities, and I have more or less identified where they are. I would really like someone or an IRC channel to help me out in building the working exploit.
Isaiah Reyes
Are you looking for a specific exploit in a sea of otherwise mostly secure code, or the lowest-hanging fruit? Go LARP in /baph/ like everyone else.
Isaiah Reyes
> Are you looking for a specific exploit in a sea of otherwise mostly secure code, or the lowest hanging fruit?
WTF are you talking about? If you can't find vulnerabilities, it doesn't mean they don't exist.
Josiah Collins
Look, browsers are generally helmed by competent developers. GENERALLY. A shitty dev managing a low corp database is nowhere near as competent, nor is your average sysadmin that has port 8080 open on his company server for torrenting.
You can search for exploits on browsers and find maybe 1 on your own that countless others have missed on H1 and Intigriti, or you can target semi-local businesses like every sane person.
Dominic Bailey
Do you see a sudden spike in Intigriti all of a sudden too?
Brody Mitchell
Not really, it's just Q1 and everyone is alpha testing their shit for Q3 launches. Happens every year; H1 is getting swarmed too with startup shit.
Jaxson Jenkins
Get comfortable with a disassembler/debugger.
If you like static analysis, find yourself a copy of IDA on TPB.
If you want to do interactive debugging, get x64dbg/olly.
If you want to do OSX/iPhone stuff, get Hopper.
If you don't mind the command line and want something extremely powerful that fits almost every use-case then go for radare2.
In any case, pick a tool, familiarize yourself with it. Then just go reverse shit. Learn ASM. Learn about registers, call stack, heap, memory layouts, etc.
Sebastian Evans
Yeah, that's useful, but in my scenario, I have the source code. And now I want to exploit the binary.