9: Overwriting Global Offset Table (GOT) Entries with printf() - Intro to Binary Exploitation (Pwn)
9th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. NX and stack canaries are enabled this time, so we'll use a printf() format string vulnerability overwrite an entry from the Global Offset Table (GOT) with system() function from the Lib-C library. We'll use checksec, ghidra, pwndbg and create a manual printf() format write payload as well as using the pwntools FmtStr functionality! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tree/main/pwn/binary_exploitation_101
↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/types/stack
PinkDraconian: https://www.youtube.com/playlist?list=PLeSXUd883dhjmKkVXSRgI1nJEZUDzgLf_
More: https://github.com/Crypto-Cat/CTF#readme
↢Video-Specific Resources↣
https://systemoverlord.com/2017/03/19/got-and-plt-for-pwning.html
https://ir0nstone.gitbook.io/notes/types/stack/aslr/plt_and_got
https://vickieli.dev/binary%20exploitation/format-string-vulnerabilities
https://codearcana.com/posts/2013/05/02/introduction-to-format-string-exploits.html
https://axcheron.github.io/exploit-101-format-strings
https://docs.pwntools.com/en/stable/fmtstr.html
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploiting/linux-exploiting-basic-esp
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:32
Review Source Code: 2:10
Disassemble with Ghidra: 3:15
Outline Attack (GOT Overwrite): 4:60
GOT vs PLT vs GOT.PLT vs PLT.GOT: 6:07
Fuzz Printf Format Vuln: 8:55
Printf Format Write (%n) Explained: 9:36
Finding Correct Offset for Write: 13:00
How to Build a Manual Payload: 13:55
Manual Printf Write Exploit (%n): 18:08
PwnTools Script (FmtStr Auto): 22:07
End: 26:25
-
2:06:00
The Quartering
6 hours agoTrump Goes NUCLEAR On Canada, Blasts Massie, Harry Potter Race Swap, Man Humiliated On TV Show
69.8K43 -
1:03:09
The White House
6 hours agoPress Secretary Karoline Leavitt Briefs Members of the Media, Mar. 11, 2025
74.5K55 -
1:07:03
Winston Marshall
5 hours agoEXCLUSIVE : Oliver Anthony On Life After ‘Rich Men’, The Christian Counter Culture and The Elites
47.2K10 -
1:44:47
Russell Brand
7 hours agoDigital Censorship & Political Warfare: X Attacked, Rand Paul Rebels, Free Speech on Trial – SF551
140K20 -
LIVE
tastylive
6 hours agoLIVE Stocks, Options & Futures Trading with the Pros! (Market Open -> Close & More) March 11th, 2025
105 watching -
1:35:59
Simply Bitcoin
7 hours ago $3.65 earnedTrumps Bitcoin Embrace TERRIFIES The EU | EP 1200
51.2K8 -
2:00:05
The Charlie Kirk Show
6 hours agoThe Left Regroups + Deporting Hamas Lovers + Love Is Blind? | Rep. Donalds, Dr. Arnn | 3.11.25
125K23 -
30:41
BonginoReport
1 day agoTrump Pulls Ultimate Uno Reverse Card On Illegals (Ep.1) - 03/10/2025
149K553 -
34:53
Grant Stinchfield
1 day ago $5.02 earnedDoctored Photos and Phony Stats, How The Media is Weaponizing the Measles... Again!
45.1K16 -
1:08:03
TheAlecLaceShow
7 hours agoGuests: Senator Bernie Moreno & Anne Fundner | Trump Calls For Massie Primary | The Alec Lace Show
24.5K1