9: Overwriting Global Offset Table (GOT) Entries with printf() - Intro to Binary Exploitation (Pwn)
9th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. NX and stack canaries are enabled this time, so we'll use a printf() format string vulnerability overwrite an entry from the Global Offset Table (GOT) with system() function from the Lib-C library. We'll use checksec, ghidra, pwndbg and create a manual printf() format write payload as well as using the pwntools FmtStr functionality! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tree/main/pwn/binary_exploitation_101
↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23
↢Binary Exploitation / Reverse Engineering↣
Pwn.College: https://pwn.college
How2Heap: https://github.com/shellphish/how2heap
NightMare: https://guyinatuxedo.github.io
Ir0nstone: https://ir0nstone.gitbook.io/notes/types/stack
PinkDraconian: https://www.youtube.com/playlist?list=PLeSXUd883dhjmKkVXSRgI1nJEZUDzgLf_
More: https://github.com/Crypto-Cat/CTF#readme
↢Video-Specific Resources↣
https://systemoverlord.com/2017/03/19/got-and-plt-for-pwning.html
https://ir0nstone.gitbook.io/notes/types/stack/aslr/plt_and_got
https://vickieli.dev/binary%20exploitation/format-string-vulnerabilities
https://codearcana.com/posts/2013/05/02/introduction-to-format-string-exploits.html
https://axcheron.github.io/exploit-101-format-strings
https://docs.pwntools.com/en/stable/fmtstr.html
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
HackTricks: https://book.hacktricks.xyz/exploiting/linux-exploiting-basic-esp
GTFOBins: https://gtfobins.github.io
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Basic File Checks: 0:32
Review Source Code: 2:10
Disassemble with Ghidra: 3:15
Outline Attack (GOT Overwrite): 4:60
GOT vs PLT vs GOT.PLT vs PLT.GOT: 6:07
Fuzz Printf Format Vuln: 8:55
Printf Format Write (%n) Explained: 9:36
Finding Correct Offset for Write: 13:00
How to Build a Manual Payload: 13:55
Manual Printf Write Exploit (%n): 18:08
PwnTools Script (FmtStr Auto): 22:07
End: 26:25
-
8:02
China Uncensored
9 hours agoChina Just Took The First Step Towards WAR
15.2K12 -
1:20:04
Flyover Conservatives
22 hours agoWhy Did Jesus Really Come? It’s NOT What You Think - Pedro Adao | FOC Show
16.5K2 -
LIVE
DLDAfterDark
2 hours ago $0.84 earnedYo Homie! Is That My Briefcase?? EDC & Gun Talk - Blue Waffle Giveaway Pre Stream
296 watching -
1:34:23
Glenn Greenwald
6 hours agoSydney Shooting Exploited for Pro-Israel Censorship and Anti-Muslim Crackdowns; How Media DEI Was the Opposite of Diversity | SYSTEM UPDATE #559
130K95 -
1:09:01
MattMorseTV
5 hours ago $44.97 earned🔴Trump just handed Congress THE EVIDENCE.🔴
49.1K91 -
1:01:54
BonginoReport
6 hours agoVanity Fair Goes Nuclear On Trump’s Inner Circle - Nightly Scroll w/ Hayley Caronia (Ep.198)
146K53 -
53:25
Katie Miller Pod
8 hours ago $7.53 earnedFBI Director Kash Patel & Alexis Wilkins on Balancing Their Relationship with Work | KMP Ep.19
41K29 -
1:15:37
Candace Owens
6 hours agoErika And I Sat Down. Here’s What Happened. | Candace Ep 280
214K763 -
2:06:47
Quite Frankly
9 hours agoDestroying the West to Save the West? | J Gulinello | 12/16/25
51.1K12 -
13:51
ARFCOM News
8 hours ago $3.83 earnedShould Bystander Have Blasted? + DOJ Lawyers: Don't Make Us Defend Gun Rights! + How To STOP Flock?
44.4K12