8: Leak PIE (bypass) and Lib-C (ret2system) - Buffer Overflows - Intro to Binary Exploitation (Pwn) скачать в хорошем качестве

8: Leak PIE (bypass) and Lib-C (ret2system) - Buffer Overflows - Intro to Binary Exploitation (Pwn)

8th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. PIE and NX are enabled this time, so we'll combine printf() format string vulnerability (to leak PIE) with ROP (buffer overflow) to leak and ultimately return to Lib-C, specifically libc.system('/bin/sh'). We'll use checksec, ghidra, pwndbg and create a couple of pwntools scripts, each time adding more automation! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tre... 👷‍♂️Resources🛠 https://cryptocat.me/resources ↢Chapters↣ Start: 0:00 Basic File Checks: 1:22 ASLR/PIE: 2:08 Review Source Code: 4:37 Disassemble with Ghidra: 6:10 Outline Attack (PIE + Lib-C Leak): 6:47 PIEBASE + BREAKRVA with PwnDbg: 9:53 Find RIP Offset with cyclic(): 12:45 Fuzz Printf Format Vuln for PIE address: 14:18 PwnTools Script (Manual): 19:39 Lib-C Database (Blukat): 25:58 PwnTools Script (Auto): 27:27 PwnTools Script (ROPstar): 29:05 End: 30:40