9: Overwriting Global Offset Table (GOT) Entries with printf() - Intro to Binary Exploitation (Pwn)
9th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. NX and stack canaries are enabled this time, so we'll use a printf() format string vulnerability overwrite an entry from the Global Offset Table (GOT) with system() function from the Lib-C library. We'll use checksec, ghidra, pwndbg and create a manual printf() format write payload as well as using the pwntools FmtStr functionality! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tree/main/pwn/binary_exploitation_101
↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/types/stack
PinkDraconian: https://www.youtube.com/playlist?list=PLeSXUd883dhjmKkVXSRgI1nJEZUDzgLf_
More: https://github.com/Crypto-Cat/CTF#readme
↢Video-Specific Resources↣
https://systemoverlord.com/2017/03/19/got-and-plt-for-pwning.html
https://ir0nstone.gitbook.io/notes/types/stack/aslr/plt_and_got
https://vickieli.dev/binary%20exploitation/format-string-vulnerabilities
https://codearcana.com/posts/2013/05/02/introduction-to-format-string-exploits.html
https://axcheron.github.io/exploit-101-format-strings
https://docs.pwntools.com/en/stable/fmtstr.html
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploiting/linux-exploiting-basic-esp
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:32
Review Source Code: 2:10
Disassemble with Ghidra: 3:15
Outline Attack (GOT Overwrite): 4:60
GOT vs PLT vs GOT.PLT vs PLT.GOT: 6:07
Fuzz Printf Format Vuln: 8:55
Printf Format Write (%n) Explained: 9:36
Finding Correct Offset for Write: 13:00
How to Build a Manual Payload: 13:55
Manual Printf Write Exploit (%n): 18:08
PwnTools Script (FmtStr Auto): 22:07
End: 26:25
-
22:45
Jasmin Laine
3 hours agoCTV Tries to Trap Poilievre—Carney HUMILIATED as Trump Reality Destroys Months of Spin
3.56K11 -
LIVE
LFA TV
19 hours agoLIVE & BREAKING NEWS! | TUESDAY 12/16/25
1,244 watching -
LIVE
freecastle
6 hours agoTAKE UP YOUR CROSS- The weapons we fight with are NOT the weapons of the world!
112 watching -
1:27:39
The Quartering
7 hours agoKash Patel Talks Relationship Amid Manhunt, Trump's New Daughter-In-Law, and Michigan Football Chaos
109K15 -
1:21:08
DeVory Darkins
5 hours agoScott Bessent issues MAJOR Tax Update as JD Vance takes questions on the economy
134K51 -
7:31:03
Dr Disrespect
8 hours ago🔴LIVE - DR DISRESPECT - ARC RAIDERS - NEW COLD SNAP UPDATE
72.3K8 -
19:13
Neil McCoy-Ward
4 hours agoJapan Just Lit The Fuse (Get Ready...)
14.2K6 -
1:03:37
Timcast
6 hours agoRepublicans Call For Mass EXPULSION Of Muslims, Travel BAN
200K147 -
1:14:15
Sean Unpaved
5 hours agoAaron Rodgers & Steelers BOUNCE BACK In WIN vs. Dolphins! | UNPAVED
32.7K6 -
1:58:36
Badlands Media
14 hours agoGeopolitics with Ghost Ep. 65 - December 16, 2025
36.2K3