Exploitation 102
Lecture
Homework
The homework this week is to write a basic browser exploit. The homework2.zip file contains JavaScript to trigger two vulnerabilities in the Vulnerable.ocx ActiveX control as well as a payload for you to execute. The first vulnerability is a basic stack overflow. The second vulnerability is protected with /GS and requires the abuse of a structured exception handler (SEH) record to exploit. Students are required to write an exploit for only the first flaw, the second is extra credit worth an entire extra homework.
Discussion
Share Article 