3: Return to Win (Ret2Win) - Buffer Overflows - Intro to Binary Exploitation (Pwn)

CryptoCat
19.2 thousand views - 2 years ago
3rd video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. In this video we'll exploit a buffer overflow vulnerability and redirect the flow of execution to a function of our choice (return to win). We'll use checksec, ghidra, pwndbg and create a couple of pwntools scripts, automating finding the EIP/RIP offset and making use of ROP objects! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools

Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tre...

↢Social Media↣
Twitter: _CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: cryptocat
Reddit: _CryptoCat23
YouTube: cryptocat23
Twitch: cryptocat23

↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/ty...
PinkDraconian: Pwn Zero To Hero
More: https://github.com/Crypto-Cat/CTF#readme

↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntool...
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploitin...
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run

↢Chapters↣
Start: 0:00
Basic File Checks: 0:41
Overflow the Buffer: 1:22
Review Source Code: 1:47
Demonstrate PIE with Radare: 3:28
ObjDump: 5:03
Disassemble with Ghidra: 5:32
Find EIP Offset with PwnDbg: 6:42
Dummy Payload to Visualise Attack: 8:02
Manually Exploit BOF to overwrite EIP: 9:31
Debug Exploit with GDB: 10:54
Custom PwnTools Template Explanation: 12:35
PwnTools Exploit Script: 15:01
Find EIP and use ROP Objects in PwnTools: 17:15
End: 19:24
Published 2 years ago, on 1400/12/09.
Viewed 19,219 times