How to debug your exploit and payloads - Binary Exploitation PWN101

RazviOverflow
In this video we will attach a debugger to our exploit and debug the various payloads and crafted inputs we may need in order to successfully exploit the binary. Debugging the exploit is extremely useful whenever you want to know whether your payload is arranged in memory the way you expect, or whether you are parsing and crafting a given payload correctly.

This technique is useful with every debugger, but especially with radare2, since there you can't run embedded Python (or other scripting language) commands.

Pwntools' proc module: https://docs.pwntools.com/en/stable/u...
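
The pause-until-attached step that wait_for_debugger() provides can be sketched with the standard library alone. This is an added example, not code from the video or from pwntools. It assumes Linux, where /proc/<pid>/status reports an attached debugger as TracerPid; the names tracer_pid, wait_for_tracer and run, and the harmless cat target, are hypothetical.

```python
import re
import subprocess
import time

# Assumption: Linux procfs. TracerPid is 0 while nothing is attached.
_TRACER_RE = re.compile(r"^TracerPid:\s*(\d+)\s*$", re.MULTILINE)

def tracer_pid(status_text):
    """Return the PID tracing a process, or None, from /proc/<pid>/status text."""
    match = _TRACER_RE.search(status_text)
    if match is None:
        raise ValueError("no TracerPid field in status text")
    return int(match.group(1)) or None

def read_status(pid):
    with open(f"/proc/{pid}/status") as fh:
        return fh.read()

def wait_for_tracer(pid, timeout=None, poll=0.05, read=read_status):
    """Block until a debugger attaches to pid; return its PID, or None on timeout."""
    deadline = None if timeout is None else time.monotonic() + timeout
    while True:
        tracer = tracer_pid(read(pid))
        if tracer is not None:
            return tracer
        if deadline is not None and time.monotonic() >= deadline:
            return None
        time.sleep(poll)

def run(target, payload, timeout=None):
    """Start target, pause until a debugger attaches, then deliver payload."""
    proc = subprocess.Popen(target, stdin=subprocess.PIPE)
    print(f"[*] PID {proc.pid}: attach now (gdb -p {proc.pid} or r2 -d {proc.pid})")
    print(f"[*] tracer PID: {wait_for_tracer(proc.pid, timeout)}")
    # The input is written only after the debugger is in place, so breakpoints
    # set beforehand catch the moment the target reads it.
    proc.stdin.write(payload)
    proc.stdin.close()
    return proc.wait()

if __name__ == "__main__":
    # Constructed stand-ins: `cat` as the target, 16 filler bytes as the input.
    run(["cat"], b"A" * 16 + b"\n", timeout=60)
```

On systems where Yama's ptrace_scope is 1, a debugger that is not an ancestor of the target cannot attach without elevated privileges, so the wait will time out until that is addressed.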

00:00 - Intro
03:05 - Pwntools' proc module
03:24 - wait_for_debugger()
04:10 - pidof()
04:55 - Practice
05:15 - Exploit skeleton
05:43 - Using pidof() and wait_for_debugger()
06:18 - Reversing the sample
08:10 - Spotting the vulnerability
09:15 - Executing the sample
09:40 - Using wait_for_debugger() and pidof()
11:09 - Debugging the exploit
13:00 - Second use case
13:51 - New exploit
15:10 - Debugging the exploit
17:00 - Recap
18:20 - Outro[*]

Exploit code, not people.
Twitter: @Razvieu
*Outro track: Etsu - Selcouth
GG
Published 2 years ago, on 1401/11/10.
1,580 views