诸葛建伟作译书籍资源下载

发表在 Uncategorized | Comments Off on 诸葛建伟作译书籍资源下载

《Metasploit渗透测试魔鬼训练营》出版开始预售

@清华诸葛建伟 和狩猎女神团队成员合作撰写的《Metasploit渗透测试魔鬼训练营》,首本中文原创Metasploit渗透测试著作!已经由机械工业出版社出版,预售链接:http://t.cn/z8ChorO 试读样章:http://t.cn/z8ChZrq 豆瓣链接:http://t.cn/z8CwzcH

《Metasploit渗透测试魔鬼训练营》书籍的配套虚拟机环境请从http://pan.baidu.com/share/link?shareid=390909&uk=3828326324链接下载。任何问题可在新浪微博上@作者团队@清华诸葛建伟 @reallybobo @lukesun629 @evan-css @sevenfrank.

发表在 书籍 | Comments Off on 《Metasploit渗透测试魔鬼训练营》出版开始预售

Wireshark数据包分析实战(第2版) 在Amazon排行榜进入网络与通信类前五

Wireshark数据包分析实战(第2版)自2013年3月份出版后,一直较为畅销,在Amazon排行榜进入网络与通信类前五,并在全部书籍中排名进入前5,000.

本书译者团队达成共识,将本书的公益特性进行到底,决定将本书的译者稿费捐赠给清华大学学生教育扶贫公益协会,通过@电脑传爱活动,将旧电脑维修之后,为打工子弟小学建立电脑室,将公益的精神传递下去。我们也非常欢迎读者能够参与公益事业,事实上,各位读者在购买本书的同时,就已经为公益做出了一份贡献。如果你愿意捐赠淘汰的电脑和计算机基础书籍,欢迎通过新浪微博@电脑传爱,也可以@清华诸葛建伟。

发表在 书籍 | Comments Off on Wireshark数据包分析实战(第2版) 在Amazon排行榜进入网络与通信类前五

《Wireshark数据包分析实战》(第2版)勘误

  1. Page 115, line 3, 确认号 2691127925,应为3691127925,感谢@天下独绝
  2. Page 193,图9-11,黑1-黑4与下面的描述不一致,把图中的黑色编号都往下挪一行就对了,原书中也有这个错误。感谢@oldqu
  3. Page 45,3.3.3 在Mac OS X系统中安装,@王兴宇 反应不再适用,等待找Mac OS X系统测试。

  4. wireshark数据包分析实战一书118页表格有一处“用户数据报协议”打成了用户数据板协议。感谢 @赫拉森
  5. P15倒数第2行, “一直从一个交换机被中继到”, 其中”被”字删除。P169第6行注意部分, 在Windows系统中hosts文件应在”drivers\etc\hosts”,漏了”etc\”。P218第1行,数据包捕获文件缺少passiveosfingerprinting.pcap。感谢@真印良品
发表在 书籍 | Comments Off on 《Wireshark数据包分析实战》(第2版)勘误

Eureka Email 2.2q ERR Remote Buffer Overflow Exploit

=========================================

vicitm : window xp sp3 CHINESE

OS : bt5
(ip : 192.168.94.141)

—————————————–

this is the app and vuln info
and it not work in my victim before i modify it

=========================================
01a

继续阅读

发表在 Uncategorized | Comments Off on Eureka Email 2.2q ERR Remote Buffer Overflow Exploit

exploit work in my victim PART 3

=================================
VICTIM : WINDOW XP SP3 EN

=================================

find out jmp esp address

=================================

继续阅读

发表在 Uncategorized | Comments Off on exploit work in my victim PART 3

Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow (2)

***************************

victim : windows XP sp3 EN

***************************

for more detail , please view http://netsec.ccert.edu.cn/hacking/2012/09/03/mini-stream-rm-mp3-converter-v3-1-2-2-local-buffer-overflow/

this is victim

===========================

v1
=========================

—>

发表在 Uncategorized | Comments Off on Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow (2)

Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow—- write my own exp

============================
attacker : bt5 r2
victim : win XP sp3 (CHINESE)
============================

here is the exploit info , the exp is not work in my own victim

************************************************
1

************************************************

—>

发表在 Uncategorized | Comments Off on Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow—- write my own exp

exploit work in my victim PART 2

#####################################
i want to get a shell code , i can also see that ESP seems to point to C’s the C’s ,i don’t know for sure that the first C ,at address 00ff730 , where ESP point at .

now , i will change the perl script and feed a patterm of character instead of C’s

—>

发表在 Uncategorized | Comments Off on exploit work in my victim PART 2

exploit work in my victim PART 1

why i test this, cause it not work in my victim

os :

—————————-

backtrack 5 R2

window xp (CHINESE)

———————-
—>

发表在 Uncategorized | Comments Off on exploit work in my victim PART 1