Texts

Texts

Texts

Papers and documentations written by myself. Some of those will perheaps never be published.

Assembleur Windows: Introduction (french version) [Published in IGA 10] : This paper describes a little sample program to learn ASM programming under Windows, with MASM32.

Netcat (french version) [Published in IGA 11] : This paper explains how to use NetCat (real TCP/UDP toolbox), to simulate tiny servers, to scan, to debug, ...

Buffer overflows: Théorie générale (french version) [Published in IGA 11] : This paper describles the general technic to exploit stack based buffer overflows.

Buffer overflows: Exploit WarFTP Windows (french version) [Published in IGA 11] : This paper describles the full procedure to exploit a stack based buffer overflow under Windows, more preciselly in the USER command of the WarFTP 1.65 server (final version). After that, the paper explain how to code the associated exploit.

Programmation et concepts Windows Ring 3 (french version) [Published in SecuriMag 1] : This paper describes different choosed subjects, relatives to Windows Ring 3: process, threads, virtual memory, PE format, DLLs, APIs, Memory Mapped Files, accessinf of a process's memory , ...

Structure interne du langage C (french version) (english version by Nitrogen) : This paper describes the allocation of variables and the calling conventions with C language.

Introduction aux Firewalls TCP/IP (french version): This paper describes the goals, the architectures, and the principes used by TCP/IP firewalls. This is a summary of some reading and documentations on the subject.

Smashing C++ VPTRs (english version) (french version) (HTML french version by GangStuck) (spanish version by Honoriak) [Published in Phrack 56] : This paper describles a particular method to exploit buffer overflows, relative to the overwriting of VPTR pointers (used in virtual functions) in C++ classes with the GNU C++ compiler.

Analyse de la fiabilité des systèmes de détection d'intrusions (PDF french book version) (PDF french slides) [Published as end school project] : This work explains how to write the LibCTCPIP library (low-level TCP/IP manipulations to test NIDS fiability), and contains a detailed analysis of actual products (more precisely Snort and BlackIce Defender). After that, some future ideas and solutions are considered.

Writing IA32 Alphanumeric Shellcodes (english version) [Published in Phrack 57] : This paper describes different technics to generate shellcodes containing only alphanumeric chars, to avoid filtering and detections. The ASC utility, using some of those technics, is also explained.

The Reverse Challenge [Obtained the 8th place at the Honeynet Reverse Challenge] : We (me and lrz) analyzed a backdoor found on a compromised honeypot (by using IDA Pro), answered to some questions for the challenge, and wrote a client/sniffer/scanner to control this backdoor.