9: Overwriting Global Offset Table (GOT) Entries with printf() - Intro to Binary Exploitation (Pwn)
9th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. NX and stack canaries are enabled this time, so we'll use a printf() format string vulnerability overwrite an entry from the Global Offset Table (GOT) with system() function from the Lib-C library. We'll use checksec, ghidra, pwndbg and create a manual printf() format write payload as well as using the pwntools FmtStr functionality! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tree/main/pwn/binary_exploitation_101
↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/types/stack
PinkDraconian: https://www.youtube.com/playlist?list=PLeSXUd883dhjmKkVXSRgI1nJEZUDzgLf_
More: https://github.com/Crypto-Cat/CTF#readme
↢Video-Specific Resources↣
https://systemoverlord.com/2017/03/19/got-and-plt-for-pwning.html
https://ir0nstone.gitbook.io/notes/types/stack/aslr/plt_and_got
https://vickieli.dev/binary%20exploitation/format-string-vulnerabilities
https://codearcana.com/posts/2013/05/02/introduction-to-format-string-exploits.html
https://axcheron.github.io/exploit-101-format-strings
https://docs.pwntools.com/en/stable/fmtstr.html
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploiting/linux-exploiting-basic-esp
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:32
Review Source Code: 2:10
Disassemble with Ghidra: 3:15
Outline Attack (GOT Overwrite): 4:60
GOT vs PLT vs GOT.PLT vs PLT.GOT: 6:07
Fuzz Printf Format Vuln: 8:55
Printf Format Write (%n) Explained: 9:36
Finding Correct Offset for Write: 13:00
How to Build a Manual Payload: 13:55
Manual Printf Write Exploit (%n): 18:08
PwnTools Script (FmtStr Auto): 22:07
End: 26:25
-
57:26
X22 Report
11 hours agoMr & Mrs X - The Food Industry Is Trying To Pull A Fast One On RFK Jr (MAHA), This Will Fail - EP 14
117K74 -
2:01:08
LFA TV
1 day agoTHE RUMBLE RUNDOWN LIVE @9AM EST
169K15 -
1:28:14
On Call with Dr. Mary Talley Bowden
10 hours agoI came for my wife.
42.5K37 -
1:06:36
Wendy Bell Radio
15 hours agoPet Talk With The Pet Doc
82.6K37 -
30:58
SouthernbelleReacts
3 days ago $9.64 earnedWe Didn’t Expect That Ending… ‘Welcome to Derry’ S1 E1 Reaction
56K12 -
13:51
True Crime | Unsolved Cases | Mysterious Stories
5 days ago $18.10 earned7 Real Life Heroes Caught on Camera (Remastered Audio)
68.7K17 -
LIVE
Total Horse Channel
21 hours ago2025 IRCHA Derby & Horse Show - November 1st
59 watching -
4:19
PistonPop-TV
7 days ago $8.68 earnedThe 4E-FTE: Toyota’s Smallest Turbo Monster
50.6K3 -
43:07
WanderingWithWine
6 days ago $5.68 earned5 Dreamy Italian Houses You Can Own Now! Homes for Sale in Italy
37.3K9 -
Spartan
1 day agoFirst playthrough of First Berserker Khazan
49.5K1