
First Exploit! Buffer Overflow with Shellcode – bin 0x0E


We write our first real exploit to get root access. Solving stack5 from exploit-exercises.com with a simple Buffer Overflow and shellcode.

Run into some problems (illegal instruction):
Stack Level 5:

LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Program.



  1. Just a little reminder, at 8:18 he's adding 30 as a decimal value to the address. I was wondering why I still got an 'illegal instruction' message, until I checked in dbg only to see that it added 30 as a decimal value and not as hex. This resulted in my offset being too small and not hitting in the NOPs. Using 'x30' resolved this issue and I got the 'Trace/breakpoint trap'. When you get your head around this stuff it's really fascinating. Thanks for the great videos!

  2. For those getting SEGMENTATION FAULT when trying to execute the shellcode (INT3 interrupt), here's the solution:
    recompile your code with this option "-z execstack" to make the stack memory executable.

  3. Anyone tried this on their base machine? Not while on ssh protostar? Because it doesn't work on the Linux 5.5.0-1parrot1-amd64 kernel! Or is it not related to the kernel and I am doing something wrong?

  4. This was a great intro to buffer overflows. It was a little challenging to get working on a modern 64-bit Linux system, but I finally figured it out. It would be really cool to see an updated video on this. Keep up the good work man!
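
An added example, not part of the original post or its comments: the `-z execstack` option from comment 2 sets the execute bit on the binary's `PT_GNU_STACK` program header, and the C code below reads that header from an ELF image to report whether a build requested an executable stack. The function names and the 84-byte sample image are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GNU_STACK 0x6474e551u   /* p_type value of PT_GNU_STACK */
#define EXEC_BIT  0x1u          /* PF_X in p_flags */

static uint64_t rd(const uint8_t *p, int n) {   /* little-endian read of n bytes */
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* Returns 1 = executable stack requested (-z execstack), 0 = non-executable,
 * 2 = no PT_GNU_STACK header (loader falls back to an architecture-dependent
 * default), -1 = not a parsable little-endian ELF image. */
int stack_exec_state(const uint8_t *img, size_t len) {
    if (len < 52 || memcmp(img, "\x7f" "ELF", 4) != 0 || img[5] != 1) return -1;
    int is64 = (img[4] == 2);
    if ((!is64 && img[4] != 1) || (is64 && len < 64)) return -1;
    uint64_t phoff = rd(img + (is64 ? 32 : 28), is64 ? 8 : 4);   /* e_phoff */
    uint64_t entsz = rd(img + (is64 ? 54 : 42), 2);              /* e_phentsize */
    uint64_t phnum = rd(img + (is64 ? 56 : 44), 2);              /* e_phnum */
    size_t need = is64 ? 56 : 32, flags_at = is64 ? 4 : 24;      /* Phdr size, p_flags offset */
    if (phoff > len || entsz < need) return -1;
    for (uint64_t i = 0; i < phnum; i++) {
        uint64_t off = phoff + i * entsz;
        if (off > len || len - off < need) return -1;            /* truncated table */
        if (rd(img + off, 4) == GNU_STACK)
            return (rd(img + off + flags_at, 4) & EXEC_BIT) ? 1 : 0;
    }
    return 2;
}

/* Constructed sample: minimal 32-bit ELF header plus one PT_GNU_STACK entry. */
size_t build_sample(uint8_t *buf, uint8_t p_flags) {
    memset(buf, 0, 84);
    memcpy(buf, "\x7f" "ELF\x01\x01\x01", 7);   /* ELFCLASS32, little-endian */
    buf[28] = 52; buf[42] = 32; buf[44] = 1;    /* e_phoff, e_phentsize, e_phnum */
    memcpy(buf + 52, "\x51\xe5\x74\x64", 4);    /* p_type = PT_GNU_STACK */
    buf[52 + 24] = p_flags;                     /* p_flags: 6 = RW, 7 = RWE */
    return 84;
}

int main(void) {
    uint8_t img[84];
    for (uint8_t f = 6; f <= 7; f++)
        printf("p_flags=%u -> %d\n", f, stack_exec_state(img, build_sample(img, f)));
    return 0;
}
```

On a real file the same flags appear in the `GNU_STACK` line of `readelf -l` output, where `RW` means non-executable and `RWE` means executable.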

