Blindly Hacking Remote Services

Continuing the discussion from Remote Exploit. Shellcode without Sockets:

No this is not a log post on how to hack remote services. By chance I found an interesting paper that presents an interesting technique to hack your way into a remote server without having a local binary.

This is the link

http://www.scs.stanford.edu/brop/bittau-brop.pdf

The technique is very noisy (you will be crashing the server again and again) but I have found it very interesting. As usually this does not work on any service out there. There are some constraints on the service in order to apply this technique… but I believe it is an interesting reading.

The technique allows to bypass ASLR, Stack Canaries and no executable stacks… under some circumstances…

Haven’t tried myself yet…

9 Likes

Wow, the article is full of brilliant ideas… Thanks pico!

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.