Skip to content

FeeeDz/how2bof

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

how2bof

Guide to buffer overflows, binaries that can be used to practice BufferOverFlows. All these binaries are 32bit. Compiled on Ubuntu 16.04

You probably arrive here because you're interested in learning to hack. Hopefully this repo contains information that is useful in your pursuit. Another resource I can highly recommend is LiveOverflow. He has a real gift for explaining the underlying technical principles.

This challenge was taken directly from the pwnable.kr challenge "bof". This is a great starting point for learning about buffer overflows.

This challenge requires you to overwrite the return pointer on the stack. Can you get shell?

This challenge requires you to set up the stack correctly to pass arguments to the system function. Are you up for the challenge?

Similar to bof3, but strings won't be as readily available, can you still get shell?

Introduction into ASLR, and using return to libc (ret2libc) for popping a shell.

Building on the last level, this introduces the concept of stack cookies/sentinels/guards and requires leaking several values yourself by using FSB.


Essential Tools:

pwntools. Please head over there and look up how to install this excellent python module.

It is also recommended that you use something to make the use of GDB a bit 'friendlier'. I would recommend using one of the following:

After putting these challenges together I found: https://github.com/bert88sta/how2exploit_binary Take a look at his repo and very similar information there (plus more) ;)

About

Guide to buffer overflows

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 70.0%
  • C 27.5%
  • Shell 2.5%