10: Bypassing Stack Canaries (leak + write) - Buffer Overflows - Intro to Binary Exploitation (Pwn)
15.5 هزار بار بازدید -
2 سال پیش
-
10th video from the "Practical
10th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. NX and stack canaries are enabled this time, so we'll use a printf() format string vulnerability leak the stack canary, allowing us to overwrite it with the expected value. We'll use checksec, ghidra, pwndbg and pwntools! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tre...
↢Social Media↣
Twitter: Twitter: _CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: LinkedIn: cryptocat
Reddit: Reddit: _CryptoCat23
YouTube: cryptocat23
Twitch: Twitch: cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/ty...
PinkDraconian: Pwn Zero To Hero
More: https://github.com/Crypto-Cat/CTF#readme
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntool...
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploitin...
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:25
Review Source Code: 2:06
Disassemble with Ghidra: 3:05
Outline Attack (Canary Leak + Write): 3:56
Fuzz Printf Format Vuln for Canary: 5:23
Locating Canaries with GDB-PwnDbg: 6:42
PwnTools Exploit Script: 10:37
Additional Pwn/CTF Resources: 12:57
End: 14:38
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tre...
↢Social Media↣
Twitter: Twitter: _CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: LinkedIn: cryptocat
Reddit: Reddit: _CryptoCat23
YouTube: cryptocat23
Twitch: Twitch: cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/ty...
PinkDraconian: Pwn Zero To Hero
More: https://github.com/Crypto-Cat/CTF#readme
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntool...
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploitin...
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:25
Review Source Code: 2:06
Disassemble with Ghidra: 3:05
Outline Attack (Canary Leak + Write): 3:56
Fuzz Printf Format Vuln for Canary: 5:23
Locating Canaries with GDB-PwnDbg: 6:42
PwnTools Exploit Script: 10:37
Additional Pwn/CTF Resources: 12:57
End: 14:38
2 سال پیش
در تاریخ 1401/01/31 منتشر شده
است.
15,523
بـار بازدید شده