Buffer Overflow Primer Videos
Posted by: ramaz
Date: April 24, 2009 11:19AM

Hello All,

Hope you liked the Assembly Language Primer series I made before this. I will be adding a couple more videos to it soon.
In the meantime wanted to get started with some real fun -

Buffer Overflow Primer Videos

In this video series we will take an in-depth look into Buffer Overflow attacks - how they work and how to exploit them.
I made the first video in the series today - a 30 minute session.

Buffer Overflow Primer Part 1 (Smashing the Stack)

In this video we will look at how the program stack can be corrupted by a buffer overflow, how the EIP can be made to point at an arbitrary location in code as a consequence and how one can exploit such a condition.

http://www.securitytube.net/Buffer-Overflow-Primer-Part-1-(Smashing-the-Stack)-video.aspx

Lots more videos to come in this series.


Comments and Feedback welcome!

Re: Buffer Overflow Primer Videos
Posted by: Anarchy Angel
Date: April 24, 2009 11:31AM

can anyone make the magic happen "buffer overflow" on an Ubuntu 8.x box?? no matter what i do i can't overwrite eip

Re: Buffer Overflow Primer Videos
Posted by: ramaz
Date: April 24, 2009 11:09PM

Check if VA Space Randomization is enabled (it's done by default in 2.6x kernels)

cat /proc/sys/kernel/randomize_va_space

Options: ReplyQuote
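
The check suggested in the reply above, extended into a small script (an added example, not part of the original thread): it interprets the value of randomize_va_space and samples the [stack] mapping of several fresh processes to confirm whether the addresses actually change between runs. All function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the thread); function names are hypothetical.

# Map the value of kernel.randomize_va_space to its meaning.
aslr_mode() {
    case "$1" in
        0) echo "disabled" ;;
        1) echo "partial" ;;  # stack, mmap base and VDSO randomized
        2) echo "full" ;;     # as 1, plus the brk heap
        *) echo "unknown" ;;
    esac
}

# Print the start address of the [stack] mapping from maps-format text on stdin.
stack_start() {
    awk '$NF == "[stack]" { split($1, r, "-"); print r[1]; exit }'
}

# Read one address per line on stdin: "fixed" if all are identical,
# "randomized" if at least two differ, "nodata" if there were none.
stack_verdict() {
    sort -u | awk 'NF { n++ }
        END { if (!n) print "nodata"; else if (n == 1) print "fixed"; else print "randomized" }'
}

# Sample the stack mapping of N fresh processes (default 5) and judge them.
sample_stacks() {
    n="${1:-5}"; i=0
    while [ "$i" -lt "$n" ]; do
        # Each cat is a new process, so /proc/self is that process's own map.
        cat /proc/self/maps 2>/dev/null | stack_start
        i=$((i + 1))
    done | stack_verdict
}

# Report the configured mode next to the behaviour actually observed.
aslr_report() {
    f="${1:-/proc/sys/kernel/randomize_va_space}"
    [ -r "$f" ] || { echo "cannot read $f"; return 1; }
    v=$(cat "$f")
    echo "randomize_va_space=$v ($(aslr_mode "$v")); stack: $(sample_stacks 5)"
}

aslr_report || true
```

The observed result can differ from the sysctl when the calling shell itself runs with randomization disabled through its personality flags, which is why both values are reported.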
Re: Buffer Overflow Primer Videos
Posted by: ramaz
Date: April 25, 2009 11:15AM

Hello All,

Here are the next 2 videos in the Buffer Overflow Primer Series:

2. Writing Shellcode - we will take a very simple case of converting the exit() syscall into shellcode

http://securitytube.net/Buffer-Overflow-Primer-Part-2-(Writing-Exit-Shellcode)-video.aspx


3. Executing Shellcode - we will look at how to write a simple C program to test the shellcode we wrote in the previous video


http://securitytube.net/Buffer-Overflow-Primer-Part-3-(Executing-Shellcode)-video.aspx



Many more to come in this series!

Re: Buffer Overflow Primer Videos
Posted by: ramaz
Date: April 30, 2009 06:52AM

Hello All,

Next 2 videos in this series are online now:

4. Disassembling Execve:

In this video we will look at how to invoke execve in assembly.

http://securitytube.net/Buffer-Overflow-Primer-Part-4-(Disassembling-Execve)-video.aspx

5. Creating Shellcode for Execve:

In this video we will look at how to create shellcode for invoking the execve syscall.

http://securitytube.net/Buffer-Overflow-Primer-Part-5-(Shellcode-for-Execve)-video.aspx

More videos to come in this series!

Comments and Feedback welcome!

Re: Buffer Overflow Primer Videos
Posted by: ramaz
Date: May 05, 2009 10:48AM

Hello All,

I just completed a couple more videos in this series. So here goes:

6. Exploiting a vulnerable program:

In this video we will understand how to overwrite the stack with our shellcode and exploit a vulnerable program.

http://securitytube.net/Buffer-Overflow-Primer-Part-6-(Exploiting-a-Program)-video.aspx


7. Demo of an actual exploitation:

This will consist of a demo of an actual exploitation based on the theory learnt in the previous video.

http://securitytube.net/Buffer-Overflow-Primer-Part-7-(Exploiting-a-Program-Demo)-video.aspx



8. Return to Libc theory:

2.6 kernel onwards the stack was made Non-Executable, thus rendering the traditional buffer overflow attacks useless. In this video we will understand how we can subvert this protection using a technique called "Return to Libc".

http://securitytube.net/Buffer-Overflow-Primer-Part-8-(Return-to-Libc-Theory)-video.aspx



9. Demo of exploiting using Return to Libc:

This will consist of an actual demo by using a vulnerable program.

http://securitytube.net/Buffer-Overflow-Primer-Part-9-(Return-to-Libc-Demo)-video.aspx




Comments and Feedback welcome!

Re: Buffer Overflow Primer Videos
Posted by: Gareth Heyes
Date: May 05, 2009 11:00AM

@ramaz

Thanks great work, I'll be looking through all these videos! They are really helpful and interesting. Keep up the good work

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Re: Buffer Overflow Primer Videos
Posted by: ramaz
Date: May 22, 2009 08:49AM

Thanks @Gareth Heyes!

Hello All,

Just wanted to add 2 more videos on Advanced Buffer Overflow techniques:

1. Exploiting Buffer Overflows on systems with linux kernel without ASLR

http://securitytube.net/Exploiting-Buffer-Overflows-on-Linux-Kernels-without-ASLR-video.aspx

2. Exploiting Buffer Overflows on systems with ASLR enabled in the kernel using a Brute Force on the Stack

http://securitytube.net/Exploiting-Buffer-Overflows-on-kernels-with-ASLR-enabled-using-Brute-Force-on-the-Stack-Layer-video.aspx

These videos have been made by BlackLight from http://blacklight.gotdns.org/ .


Enjoy!

Re: Buffer Overflow Primer Videos
Posted by: ashish771
Date: March 02, 2012 11:48PM

Btw, SecurityTube now offers professional certifications for Wireless, Metasploit etc. and also gives our free course material to universities for use: http://securitytube-training.com
