Buffer Overflow Exploitation with Immunity Debugger | TryHackMe Buffer Overflow
Author: Motasem Hamdan
Uploaded: 2021-01-07
Views: 16797
Description:
We covered the first part of buffer overflow training using the TryHackMe Buffer Overflow room, which is part of the OSCP pathway. In this part, we used the IDE, Immunity Debugger, to perform the debugging and analysis of the executable binaries to discover buffer overflow vulnerabilities.
*************
TryHackMe Buffer Overflow Prep
https://tryhackme.com/r/room/bufferov...
Writeup
https://motasem-notes.net/buffer-over...
***
0:00 - Introduction to Buffer Overflow Preparation
0:09 - Overview of Buffer Overflow Challenge on TryHackMe
0:37 - Deploying and Connecting to the Virtual Machine
1:03 - Opening Immunity Debugger and Vulnerable Application
1:30 - Understanding Buffer Overflow and Initial Setup
2:04 - Exploring the Application in Immunity Debugger
3:01 - Starting Fuzzing Process to Find Crash Point
4:00 - Creating and Running Fuzzing Script
5:30 - Determining Crash Point at 2000 Bytes
6:30 - Generating Pattern to Identify EIP Overwrite
8:04 - Creating Offset Pattern for EIP
9:05 - Running Exploit with Offset Pattern
9:55 - Confirming EIP Overwrite and Identifying Offset
11:08 - Adjusting Exploit for Correct Offset Value
12:35 - Restarting Application and Testing Offset
13:45 - Overwriting EIP with Controlled Value
15:00 - Identifying Bad Characters in the Payload
16:20 - Eliminating Bad Characters from Payload
17:55 - Using Mona to Analyze Bad Characters
19:10 - Finalizing Bad Character List
21:35 - Selecting Return Address and Preparing Payload
23:09 - Generating Exploit Code with MSFVenom
24:35 - Setting Up NOP Sled for Payload Execution
26:00 - Running Final Exploit and Receiving Reverse Shell
27:37 - Conclusion and Summary of Buffer Overflow Process