9: Overwriting Global Offset Table (GOT) Entries with printf() - Intro to Binary Exploitation (Pwn)
9th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. NX and stack canaries are enabled this time, so we'll use a printf() format string vulnerability overwrite an entry from the Global Offset Table (GOT) with system() function from the Lib-C library. We'll use checksec, ghidra, pwndbg and create a manual printf() format write payload as well as using the pwntools FmtStr functionality! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tree/main/pwn/binary_exploitation_101
↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/types/stack
PinkDraconian: https://www.youtube.com/playlist?list=PLeSXUd883dhjmKkVXSRgI1nJEZUDzgLf_
More: https://github.com/Crypto-Cat/CTF#readme
↢Video-Specific Resources↣
https://systemoverlord.com/2017/03/19/got-and-plt-for-pwning.html
https://ir0nstone.gitbook.io/notes/types/stack/aslr/plt_and_got
https://vickieli.dev/binary%20exploitation/format-string-vulnerabilities
https://codearcana.com/posts/2013/05/02/introduction-to-format-string-exploits.html
https://axcheron.github.io/exploit-101-format-strings
https://docs.pwntools.com/en/stable/fmtstr.html
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploiting/linux-exploiting-basic-esp
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:32
Review Source Code: 2:10
Disassemble with Ghidra: 3:15
Outline Attack (GOT Overwrite): 4:60
GOT vs PLT vs GOT.PLT vs PLT.GOT: 6:07
Fuzz Printf Format Vuln: 8:55
Printf Format Write (%n) Explained: 9:36
Finding Correct Offset for Write: 13:00
How to Build a Manual Payload: 13:55
Manual Printf Write Exploit (%n): 18:08
PwnTools Script (FmtStr Auto): 22:07
End: 26:25
-
28:17
The White House
6 hours agoPresident Trump Delivers an Address to the Nation
79.4K122 -
4:44:53
Drew Hernandez
23 hours agoTRUMP ADDRESSES THE NATION & BONGINO ANNOUNCES FBI DEPARTURE?
59.4K19 -
2:37:30
Badlands Media
16 hours agoBadlands Media Special Coverage - MY FELLOW AMERICANS the Alpha Warrior Show & Redpill Project
66.1K29 -
22:54
Jasmin Laine
12 hours agoMedia MELTS DOWN as Poilievre Surges—Ottawa Loses Control of the Narrative
31.1K15 -
59:50
BonginoReport
9 hours agoDan Bongino Is Leaving The FBI - Nightly Scroll w/ Hayley Caronia (Ep.199)
290K257 -
1:14:51
Kim Iversen
10 hours agoSTILL SHADY: Candace Meets With Erika — She Was Right
170K257 -
1:04:57
Candace Owens
10 hours agoBREAKING NEWS! We Received Photos Of Charlie's Car After The Assassination. | Candace Ep 281
175K518 -
1:42:25
Redacted News
10 hours agoPutin just did the UNTHINKABLE as US Senators push for war against Russia
179K174 -
LIVE
SpartakusLIVE
1 day agoWZ All Night! || Arc has been UNINSTALLED
137 watching -
8:32
Dr. Nick Zyrowski
4 days agoHow Your Butt Shape Determine Metabolic Health - (Surprising Research!)
55.9K15