BOF
Buffer Overflows
1. BOF tips
- Practice using mona.py
- Download vulnerable exe from Exploit DB.
- https://github.com/justinsteven/dostackbufferoverflowgood
- https://esseum.com/win-32-buffer-overflow-walkthrough-exploiting-slmail-5-5/
- It's easy 25 points !!! :D
2. Reference
https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/
- dostackbufferoverflowgood: This is good for understanding how BoF works. https://github.com/justinsteven/dostackbufferoverflowgood
- SLmail v5.5: Covered in the OSCP guide (exercise); try building your own BoF exploit code on different environments like Windows XP or Windows 7 SP3, etc. https://www.exploit-db.com/exploits/638
- FreeFloatFTP Server 1.0: https://www.exploit-db.com/exploits/17546
- VulnServer.exe: Covered in the OSCP Lab; try building your own BoF exploit code on different environments.
- Minishare 1.4.1: Covered in the OSCP Lab; I built my own BoF exploit on Windows XP SP3 English and Windows 7 SP1. https://www.exploit-db.com/exploits/616
- Savant 3.1 : https://www.exploit-db.com/exploits/18401
- WarFTPd 1.6.5: https://www.exploit-db.com/exploits/3570
- PCMAN FTP 2.0.7: https://www.exploit-db.com/exploits/26471
3. Link list
- http://camelinc.info/blog/2014/05/Aviosoft-Digital-TV-Player-Professional-1.0-Stack-Buffer-Overflow/
- http://pusheax.com/exploit-writing-stack-based-buffer-overflow/
- http://tekwizz123.blogspot.in/2014/02/bypassing-aslr-and-dep-on-windows-7.html?m=1
- http://www.arti-sec.com/article/buffer-overflow-slmail-5504433-full-development
- http://blog.gojhonny.com/2013/10/buffer-overflow-smashing-stack-tutorial.html
- http://0xdeadcode.se/archives/178 <-- minishare
- https://bogner.sh/2016/04/the-hard-life-of-exploit-developers/
- https://t0w3ntum.wordpress.com/2016/07/22/buffer-overflows-and-you/ <-- good scripts
- http://n01g3l.tumblr.com/post/49036035399/linux-crossfire-v190-buffer-overflow
- http://sh3llc0d3r.com/vulnserver-trun-command-buffer-overflow-exploit/
- http://www.primalsecurity.net/0x0-exploit-tutorial-buffer-overflow-vanilla-eip-overwrite-2/
- http://www.securitysift.com/windows-exploit-development-part-2-intro-stack-overflow/
- http://www.fuzzysecurity.com/tutorials/expDev/2.html <-- FreeFloat FTP
- https://www.phillips321.co.uk/2012/08/02/writing-my-first-exploit-freefloat-ftp/
- https://www.mattandreko.com/2013/04/06/buffer-overflow-in-hexchat-294/
- http://proactivedefender.blogspot.in/2013/05/understanding-buffer-overflows.html?m=1
- https://rootisthelimit.com/first-buffer-overflow/ <-- Ability 2.34