7: Format String Vulnerabilities (printf) - Buffer Overflows - Intro to Binary Exploitation (Pwn)

CryptoCat
12.2K views - 2 years ago
7th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. In this video we'll look at format string vulnerabilities (printf), which can be exploited by attackers to leak values/addresses off the stack and even perform write operations, leading to code execution. We'll use checksec, Ghidra and pwndbg, and write a fuzzing script with pwntools! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools

Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tre...

↢Social Media↣
Twitter: _CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: cryptocat
Reddit: _CryptoCat23
YouTube: cryptocat23
Twitch: cryptocat23

↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/ty...
PinkDraconian: Pwn Zero To Hero
More: https://github.com/Crypto-Cat/CTF#readme

↢Video-Specific Resources↣
https://vickieli.dev/binary%20exploit...
https://codearcana.com/posts/2013/05/...
https://axcheron.github.io/exploit-10...
https://docs.pwntools.com/en/stable/f...

↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntool...
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploitin...
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run

↢Chapters↣
Start: 0:00
Basic File Checks: 1:00
Review Source Code: 2:28
printf() Format Vuln Basics: 3:58
Leaking Values from the Stack: 5:10
Difference with %s Format Specifier: 8:07
Format String Write (%n) Exploit Basics: 10:46
PwnTools Fuzzing Script: 14:32
Disassemble with Ghidra: 15:42
Compare to x64 Binary: 16:37
End: 18:26
Published 2 years ago, on 1401/01/04.
Viewed 12,268 times