Pwn - Binary Exploitation

Hello Jow Forums,
I've been lurking here for a while, and I'm not really sure there are any real experts on the matter here, but hey, I'll give you a try.

I'm getting interested in binary exploitation. What's the best strategy to learn everything? What are the best resources to keep up-to-date? Are there any IRC channels where I can chat and be insulted for my lack of skills?

Thanks a lot

No one?

trailofbits.github.io/ctf/exploits/binary1.html

Wow, you can search on google.
Thanks a lot m8

>best strategy
Extremely simple
Learn ASM of architecture of your choice
Know C
Graduate to shellcoding
It's literally that simple, and you can find a shit ton of books from beginner to 1337 H4x0r on any step of the way

As far as irc channels go, fuck off we're full

I bet you're fucking lamers anyway

Well, duh
What did you expect, a coordinated 0day/day channel?

I already can build my own shellcode, but CTF-grade exploitation is not like the real-world kind.

An IRC channel with people to reply to my stupid questions would be really useful.

Giving AFL crashes in popular software in exchange

Nope, but a place where I can learn how to make my memory corruptions actual working exploits

CTF anything is nothing like real world exploitation
You need to do what basically everyone else does, get IDA, learn to use it, and crack applications like that
I sincerely doubt you'll ever crack C code of any importance with any shellcode in [current year]
If you want to go full edge blackhat, all the money is in db exploitation by now

> I sincerely doubt you'll ever crack C code of any importance with any shellcode in [current year]
every conference every year has memory corruption for most used browsers

And forget about the money, I'm not doing that for that reason

Also, I already stated I already have vulnerabilities, and I have more or less identified where they are. I would really like someone/an IRC channel to help me out in building the working exploit.

Are you looking for a specific exploit in a sea of otherwise mostly secure code, or the lowest hanging fruit?
Go LARP in /baph/ like everyone else

> Are you looking for a specific exploit in a sea of otherwise mostly secure code, or the lowest hanging fruit?

wtf are you talking about, if you can't find vulnerabilities, it doesn't mean they don't exist.

Look, browsers are generally helmed by competent developers. GENERALLY.
A shitty dev managing a low corp database is nowhere near as competent, nor is your average sysadmin that has port 8080 open on his company server for torrenting
You can search for exploits on browsers and find maybe 1 on your own that countless others have missed on H1 and intigriti, or you can target semi-local businesses like every sane person

Do you see a sudden spike in intigriti all of a sudden too?

Not really, it's just Q1 and everyone is alpha testing their shit for Q3 launches
Happens every year, H1 is getting swarmed too with startup shit

Get comfortable with a disassembler/debugger.

If you like static analysis, find yourself a copy of IDA on TPB.

If you want to do interactive debugging, get x64dbg/olly.

If you want to do OSX/iPhone stuff, get Hopper.

If you don't mind the command line and want something extremely powerful that fits almost every use-case then go for radare2.

In any case, pick a tool, familiarize yourself with it. Then just go reverse shit. Learn ASM. Learn about registers, call stack, heap, memory layouts, etc.

Yeah, that's useful, but in my scenario, I have the source code. And now I want to exploit the binary.

Bump for interest

>X64dbg/olly

Nice job showing everyone ur a retard

T. Windbg gang