10: Bypassing Stack Canaries (leak + write) - Buffer Overflows - Intro to Binary Exploitation (Pwn)
10th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. NX and stack canaries are enabled this time, so we'll use a printf() format string vulnerability leak the stack canary, allowing us to overwrite it with the expected value. We'll use checksec, ghidra, pwndbg and pwntools! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tree/main/pwn/binary_exploitation_101
↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/types/stack
PinkDraconian: https://www.youtube.com/playlist?list=PLeSXUd883dhjmKkVXSRgI1nJEZUDzgLf_
More: https://github.com/Crypto-Cat/CTF#readme
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploiting/linux-exploiting-basic-esp
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:25
Review Source Code: 2:06
Disassemble with Ghidra: 3:05
Outline Attack (Canary Leak + Write): 3:56
Fuzz Printf Format Vuln for Canary: 5:23
Locating Canaries with GDB-PwnDbg: 6:42
PwnTools Exploit Script: 10:37
Additional Pwn/CTF Resources: 12:57
End: 14:38
-
1:03:16
The Anthony Rogers Show
13 hours agoEpisode 308 - Lessons from the Afterlife
9.05K1 -
0:56
Memology 101
13 hours agoMSNBC "finds it SHOCKING" that voters believe Biden is a GREATER THREAT to democracy than Trump
19.4K39 -
1:13:28
The Charlie Kirk Show
3 hours agoTHOUGHTCRIME Ep. 44 — Mud-Faced Millionaires? Trump Jail = Good? The Unfunny Left?
42.2K23 -
1:53:30
Kim Iversen
7 hours agoBiden Confronts "Genocide Joe" Nickname, Ann Coulter Tells Vivek To His Face Only Whites Should Be President, The Great Taking w/ Chris Martenson
46.7K141 -
1:44
Rebel News
7 hours agoLAST CHANCE! Tickets are almost sold out for Rumble Live and Rebel News Live!
39.2K11 -
1:01:20
The StoneZONE with Roger Stone
10 hours agoJFK Murder Re-Examined. Shot From Front And Back = Conspiracy! The StoneZONE w/ Roger Stone
26.8K22 -
1:08:00
TheMonicaCrowleyPodcast
9 hours agoReal Collusion with Benny Johnson
20.2K7 -
1:38:38
OFFICIAL Jovan Hutton Pulitzer Rumble
5 hours agoKamala Clones! They Exist! Or At Least They All Went To The Same Political Prep School
22.8K5 -
1:28:45
Donald Trump Jr.
12 hours agoInside Our Intel Agencies, a Lack of Intelligence: Former Deputy DNI Cliff Sims Knows Why | TRIGGERED Ep.135
107K120 -
2:31:15
The Quartering
8 hours agoTrump Moves For Mistrial, Vivek Shunned For Being Indian, Psycho Journo & Marvel's Downfall
57.1K26