Gray Hat Hacking, Second Edition, 2nd Edition

Exploit Development Process

Now that we have covered the basics, you are ready to look at a real-world example. In the real world, vulnerabilities are not always as straightforward as the meet.c example and require a repeatable process to successfully exploit. The exploit development process generally follows these steps:

Control eip
Determine the offset(s)
Determine the attack vector
Build the exploit sandwich
Test the exploit

At first, you should follow these steps exactly; later you may combine a couple of these steps as required.

Real-World Example

In this chapter, we are going to look at the PeerCast v0.1214 server from peercast.org. This server is widely used to serve up radio stations on the Internet. There are several vulnerabilities in ...

Get Gray Hat Hacking, Second Edition, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Gray Hat Hacking, Second Edition, 2nd Edition by Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness

Exploit Development Process

Real-World Example

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly