[OWASP-Bangalore] More Info related to Bufferoverflow

Sameer Panchangam sameer.panchangam at gmail.com
Mon Jan 12 00:38:39 EST 2009


Could you please confirm the time - Invite says 9pm (is it 9am?)
---
Thanks!
Sameer Panchangam
http://friendfeed.com/spanchangam
Mobile: +91 9885312104 / 9959551518

http://ping.fm/guDne - Copenhagenize the planet. And have a lovely day.


On Mon, Jan 12, 2009 at 9:38 AM, Sumit Kumar <k.sumit.us at gmail.com> wrote:

> And here is the link to the next event. Sending to a larger mailing list;
> if you can access the upcoming link please respond there, else shoot your
> response on the list itself.
>
> http://upcoming.yahoo.com/event/1487431
>
>  Sunday February 1, 2009 from 9:00pm - 11:00pm
>  India Coffee House <http://upcoming.yahoo.com/venue/236466/>
>  MG Road
> Bangalore, Karnataka 560001
>  Category: Education
> Website: https://www.owasp.org/index.php/Bangalore
> OllyDbg Demo by Rajiv
>
>
> This is just to ensure the list is not flooded with "I do" responses :-)
>
> Thanks,
> -Sumit
>
>
> On Sun, Jan 11, 2009 at 12:30 PM, Rajiv Vishwa <rajivvishwa at gmail.com>wrote:
>
>> Hi Guys,
>>
>> It was a wonderful discussion on BoF we had today.
>>
>> I just wanted to share few links to gives more insight on the BoF
>>
>> Smashing The Stack For Fun And Profit<http://insecure.org/stf/smashstack.html>:
>> URL: http://insecure.org/stf/smashstack.html
>>
>> This is one good article which details about 'smashing the stack' process
>> with examples and other illustrations. Try this if you are keen in
>> understanding it thoroughly.
>>
>>
>>> `smash the stack` [C programming] n. On many C implementations
>>> it is possible to corrupt the execution stack by writing past
>>> the end of an array declared auto in a routine.  Code that does
>>> this is said to smash the stack, and can cause return from the
>>> routine to jump to a random address.  This can produce some of
>>> the most insidious data-dependent bugs known to mankind.
>>> Variants include trash the stack, scribble the stack, mangle
>>> the stack; the term mung the stack is not used, as this is
>>> never done intentionally  [Read More...<http://insecure.org/stf/smashstack.html>
>>> ]
>>>
>>
>> Common Vulnerabilities and Exposures (CVE) <http://cve.mitre.org>
>> URL: http://cve.mitre.org
>>
>> Vikas had mentioned about the CVE database, just thought of sharing the
>> link
>>
>> CVE(R) International in scope and free for public use, CVE is a dictionary
>>> of publicly known information security vulnerabilities and exposures.
>>> CVE's common identifiers enable data exchange between security products
>>> and provide a baseline index point for evaluating coverage of tools and
>>> services.
>>>
>>
>> OllyDbg <http://www.ollydbg.de/>
>> URL: http://www.ollydbg.de/
>>
>> This is one tool which can be used to perform run time overflows and
>> assembly level manipulations which I had mentioned. This tool can be
>> downloaded for free. *Note: Dont mess your executables with Ollydbg
>> unless you know what you are doing.* Next session we will have demo with
>> this tool.
>>
>> OllyDbg is a 32-bit assembler level analysing debugger for Microsoft(R)
>>> Windows(R). Emphasis on binary code analysis makes it particularly useful in
>>> cases where source is unavailable
>>>
>>
>> *Timestamp: Sun, 11 Jan 2009 12:23:24**
>>
>> *Regards,
>> *Rajiv*
>> Follow me in Twitter <http://twitter.com/rajivvishwa>
>> ________________________________________________________________
>>
>> On Sat, Jan 10, 2009 at 10:30 PM, <
>> owasp-bangalore-request at lists.owasp.org> wrote:
>>
>>> Send OWASP-Bangalore mailing list submissions to
>>>        owasp-bangalore at lists.owasp.org
>>>
>>> To subscribe or unsubscribe via the World Wide Web, visit
>>>        https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>>> or, via email, send a message with subject or body 'help' to
>>>        owasp-bangalore-request at lists.owasp.org
>>>
>>> You can reach the person managing the list at
>>>        owasp-bangalore-owner at lists.owasp.org
>>>
>>> When replying, please edit your Subject line so it is more specific
>>> than "Re: Contents of OWASP-Bangalore digest..."
>>>
>>>
>>> Today's Topics:
>>>
>>>   1. Gentle Remainder : Jan Meet on 11th @ ICH (Sundar N)
>>>
>>>
>>> ----------------------------------------------------------------------
>>>
>>> Message: 1
>>> Date: Sat, 10 Jan 2009 10:48:58 +0530
>>> From: "Sundar N" <suntracks at gmail.com>
>>> Subject: [OWASP-Bangalore] Gentle Remainder : Jan Meet on 11th @ ICH
>>> To: owasp-bangalore at lists.owasp.org
>>> Message-ID:
>>>        <c1e982c50901092118p73720afbtcebc558ab4cf1a25 at mail.gmail.com>
>>> Content-Type: text/plain; charset=ISO-8859-1
>>>
>>> Hello Everyone,
>>>
>>> It is Scheduled on Jan 11th @ 9.00 AM, India Coffee house, 1st Floor, MG
>>> Road.
>>> Also a session on 'Buffer Overflow' by Sumit.
>>> Looking Forward to meet you all there.
>>>
>>> Sundar.
>>>
>>>
>>> ------------------------------
>>>
>>> _______________________________________________
>>> OWASP-Bangalore mailing list
>>> OWASP-Bangalore at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>>>
>>>
>>> End of OWASP-Bangalore Digest, Vol 14, Issue 5
>>> **********************************************
>>>
>>
>>
>> _______________________________________________
>> OWASP-Bangalore mailing list
>> OWASP-Bangalore at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>>
>>
>
>
> --
>
> Joe E. Lewis  - "There's only one thing money won't buy, and that is
> poverty."
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090112/ddc37428/attachment-0001.html 


More information about the OWASP-Bangalore mailing list