I am doing Corelan course tutorial #2. I am improving a lot, but I would like to know some things about this course. I know it’s based on Windows XP, but the techniques are the same. However, this course covers stack cookies / DEP / ASLR / ROP / SafeSEH / SEHOP, heap spraying (IE8), but I wonder how difficult it will be to move from this course to modern exploitation on Windows 7 to 8 to 10 and start hunting the hottest 0day available?
I don’t think it’s really more difficult on newer Windows systems.
It should be noted that on 64-bit Windows systems, you will necessarily have DEP enabled, and it is not possible to disable it by program.
You will be able to reuse all the techniques of the tutorial. It is just necessary to research the functioning of the LFH, which takes place after 10 manipulations.
As for security features like CFG and others, I have never met them in real cases.
I did the tutorials a couple months back and you will(?) come across exploitation on a higher version than XP. For me, I ported some of the exploits over to work on Windows 7 and they’re functional. As far as ASLR goes, I don’t believe they cover that much, only briefly in theory.
I’d definitely be interested in this.
One day we will have to advance past Windows exploits when people in the world realize Windows is a problem and not a solution to business. Do you think that will kill these Corelan classes?
Thanks, but I am also trying to port some exploits to a modern OS, such as SLMail, MiniShare, vulnserver and so on.
Thanks for your response, but I will try to mix XP / 7 a bit to move a bit faster.