Continuing the discussion from Remote Exploit. Shellcode without Sockets:
No this is not a log post on how to hack remote services. By chance I found an interesting paper that presents an interesting technique to hack your way into a remote server without having a local binary.
This is the link
The technique is very noisy (you will be crashing the server again and again) but I have found it very interesting. As usually this does not work on any service out there. There are some constraints on the service in order to apply this technique... but I believe it is an interesting reading.
The technique allows to bypass ASLR, Stack Canaries and no executable stacks... under some circumstances...
Haven't tried myself yet...