From 0x90 to 0x4c454554, a journey into exploitation. I put some time in and compiled a list in a course type layout to help people in process of learning exploit development. I hope my research will help others spend more time learning and less time searching. First off I want to thank the corelan guys for the help they have provided me so far in the process. layout: I will be posting in a hierarchical structure, each hierarchy structure should be fully understood before moving on to the next section.
So this is not a particularly technical source article, but it looks fairly interesting and I haven’t heard of this Linux.Darlloz worm before, so it might be new to some of you too. Seems like it’s going after old php-cgi installs, which are very common on embedded systems (routers/pos systems/stbs etc). The vulnerability being used is actually pretty old and was patched back in May 2012. It’s not really likely to cause a serious risk to servers, which tend not to run php-cgi any more – and it would be more common for them to be updated.