owning snort

Just posting a quick pair of links in case anyone is interested in reading about creating an exploit/buffer overflow. Trirat Puttaraksa discusses a Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow. Part 1 is a DoS condition and part 2 goes into actual code excution. Very interesting, although beyond my abilities for now. Browse the rest of his blog for even more dissections.

One thought on “owning snort

  1. Yeah, I also read through the heap spraying stuff, which is great because I was reading over Skyline’s stuff earlier to that. Good set of posts. Well written and explained.

Comments are closed.