5: Injecting Shellcode (Shellcraft/MSFVenom) - Buffer Overflows - Intro to Binary Exploitation (Pwn)
Author: CryptoCat
Uploaded: Mar 10, 2022
Views: 20,829
5th video from the "Practical Buffer Overflow Exploitation" course covering the basics of Binary Exploitation. In this video we'll see what we can do with buffer overflows when there are no interesting local variables to overwrite, or functions to jump to (ret2win). Instead, we'll inject shellcode directly onto the stack and find a JMP ESP/RSP instruction to overwrite the return address and execute our own code. We'll use checksec, Ghidra, pwndbg and create a couple of pwntools scripts, using both Shellcraft and MSFVenom to spawn a shell, cat the flag or create a reverse shell! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools
Find the binary files, source code and scripts to go with the series @ https://github.com/Crypto-Cat/CTF/tre...
👷♂️Resources🛠
https://cryptocat.me/resources
↢Chapters↣
Start: 0:00
Basic File Checks: 0:40
Review Source Code: 2:15
Disassemble with Ghidra: 3:08
Identify EIP Offset with GDB-PwnDbg: 4:00
Find "JMP ESP" instruction with Ropper: 6:00
Shellcraft Command Line: 6:30
PwnTools Script (Shellcraft): 7:22
MSFVenom Command Line: 12:28
Read flag.txt with PwnTools Script (MSFVenom): 13:30
Reverse Shell with PwnTools Script (MSFVenom): 15:38
Upgrade RevShell to Fully Interactive: 17:10
64-bit Examples: 18:04
End: 19:36
