Reader challenge

For this section, review the information from the chapter and try to expand on the topics. This will allow you to increase your knowledge of different topics. To stimulate your thinking, try some of the following topics:

  • Expand on the shellcode: As we have shown in this chapter, when the stack overflow is against the 64-bit stack, it can be quite a challenge. Experiment with the concepts we discussed and see if you can implement your own shellcode within the 64-bit stack. For example, attempt to open another program, such as the Bash shell, instead of reading a file. You will find this task quite challenging, as there are not a lot of examples of 64-bit Linux shellcode out there. Enjoy!
  • The next challenge, to flex and practice your skills, is to perform the various attacks that are possible in the SET and the Fast-Track tools. Both of these tools have quite a number of options available. The more you understand them and can deploy them, the more powerful a penetration tester you will become.

These two challenges are designed to increase your skills with respect to client-side exploitation and the process and method of analyzing programs for potential weaknesses and attack vectors. Having said that, it is not very often that you will write your own exploits, but the knowledge of how it is done is essential.
