10: Bypassing Stack Canaries (leak + write) - Buffer Overflows - Intro to Binary Exploitation (Pwn)
10th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. NX and stack canaries are enabled this time, so we'll use a printf() format string vulnerability leak the stack canary, allowing us to overwrite it with the expected value. We'll use checksec, ghidra, pwndbg and pwntools! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tree/main/pwn/binary_exploitation_101
↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/types/stack
PinkDraconian: https://www.youtube.com/playlist?list=PLeSXUd883dhjmKkVXSRgI1nJEZUDzgLf_
More: https://github.com/Crypto-Cat/CTF#readme
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploiting/linux-exploiting-basic-esp
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:25
Review Source Code: 2:06
Disassemble with Ghidra: 3:05
Outline Attack (Canary Leak + Write): 3:56
Fuzz Printf Format Vuln for Canary: 5:23
Locating Canaries with GDB-PwnDbg: 6:42
PwnTools Exploit Script: 10:37
Additional Pwn/CTF Resources: 12:57
End: 14:38
-
LIVE
SNEAKO
1 hour agoI WAS ATTACKED!!!
4,065 watching -
2:55:11
Fresh and Fit
5 hours agoLil Durk Arrested For Murder-For-Hire, Diddy Case, Project Ester & MORE
54.1K34 -
LIVE
SynthTrax & DJ Cheezus Livestreams
13 hours agoFriday Night HALLOWAVE PIZZA PARTY DJ MIX Livestream Featuring The Art of EricJohnPizzaArtist 5:00pm PST - 8:00pm EST
1,059 watching -
46:53
Man in America
7 hours agoCan the UN Exploit an Election Crisis to SEIZE CONTROL of the USA? w/ Alex Newman
13.1K5 -
LIVE
tacetmort3m
9 hours ago🔴 LIVE - NOT ABANDONING THIS GAME LETS CONTINUE - GHOST OF TSUSHIMA - PART 5
425 watching -
DVR
Flyover Conservatives
22 hours agoBehind the Scenes with Eric Trump, Clay Clark on Elections, Alfie Oakes on America's Food Source, Alexandra Bougher on Parents’ Rights, and Ivan Raiklin on Nov 6! | FOC Show
21.9K2 -
1:31:19
Glenn Greenwald
6 hours agoMeltdown Over Non-Endorsements From WaPo & LA Times; Why Can't The U.S. Count Votes In One Night? Former Addict Saved By Mission To Rescue Street Dogs | SYSTEM UPDATE #358
69.7K62 -
2:22:09
Roseanne Barr
13 hours ago $50.27 earnedLara Logan is Fearless | The Roseanne Barr Podcast #71
95.7K114 -
4:32:34
Nerdrotic
8 hours ago $36.66 earnedRey Movie is TOAST! Blade Canceled, The End of Woke Hollywood! | Friday Night Tights 325
95.4K27 -
1:03:29
Talk Nerdy 2 Us
12 hours agoElection Hacks, Stolen Emails, & Government Crypto Heists: Political Cyber Wars Exposed!
29.1K