This is the first tutorial in the Exploit Development series, intended to teach the fundamental skills necessary to develop working exploits. This tutorial will be the foundation from which the rest of the exploit development series is built.
For the purposes of this tutorial, we’ll be targeting the
SLMail application. In the early ‘00s, a buffer overflow vulnerability was discovered in version 5 of the
SLMail POP3 server. Over the course of this tutorial, we will work through the entire exploit development process, from initial lab setup all the way to a working proof-of-concept (PoC) exploit. For the finishing touch, we will transform our PoC into a weaponized
Note: The tutorial uses
Python 3.7 for the exploit code, as this is the author’s language of choice. Feel free to use whichever language you prefer.