[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

An exploit development demo using Immunity Debugger and the mona plugin

License

Notifications You must be signed in to change notification settings

cherry-wb/monalisa

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Monalisa

Monalisa was created to demonstrate basic usage of the mona plugin on the Immunity Debugger for a small workshop presentation that I'll be giving for the security club at DePaul University. My overall goal is to provide a hands on session where members can experiment with different exploitation techniques using mona. Hopefully by the end of the workshop, the only smile that we'll see will be on our faces, when we get a shell.

Vulnerability

For this demonstration, we'll be attacking a stack buffer overflow vulnerability that exists in version 2 of the Kolibri HTTP server. This specific application was chosen for simplicity and demonstration purposes only. For reference, feel free to learn more about the vulnerability assigned CVE-2002-2268.

Exploitation

The techniques that will be presented using the vulnerable application will include an egg hunter, and hopefully a seh-based exploit (as of this update, I have not attempted this yet). Also, just for the record, I'm not an expert in this subject. In fact, I'm always learning, and like me, hopefully you too express an interest in this area. Have fun!

About

An exploit development demo using Immunity Debugger and the mona plugin

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published