Buffer Overflows Made Easy - Part 2: Spiking


This video covers the art of spiking in buffer overflows, which allows us to identify vulnerable commands within a program.

Timestamps:
0:06 - Housekeeping Items
2:10 - Connecting to Vulnserver
4:15 - Introducing generic_send_tcp
4:45 - Writing a SPIKE script
6:04 - Spiking the Vulnserver STATS command
7:20 - Writing a second SPIKE script
7:38 - Spiking the Vulnserver TRUN command / Reviewing results

Comments
Author

I hope you enjoyed this video! If so, please consider dropping a like and subscribing. <3

TCMSecurityAcademy
Author

My life has become so easy after watching these tutorial series. I am getting prepared for OSCP exam, I could root almost any Linux box but always start shitting bricks when I hear about buffer overflow :D . Great tutorials.

jeviounipers
Author

Amazing videos thanks mate! Been working in web app and mobile app security for many years but have never really been too well versed on low-level vulnerabilities past the basics. Decided I should finally step out my comfort zone and I have to say these videos are so informative, concise and easy to understand. Great work.

-bubby
Author

This is one of the best series about buffer overflow, still relevant today! Yr 2025 ❤

jacklee
Author

Dude I just started studying for the eCPPT, and they hit the ground running with buffer overflow stuff. I was hitting major panic mode till I found these videos. This is much clearer to me now!

quirkykirkplays
Author

Thank you!!! You are the best at explaining this. Thank you man, really, I hope you read this, I owe you some beers.

Fzr_OPs
Author

Hi... I have a question: if I do the same actions described in the video on my own .exe file, then how do I know the commands of my exe file? Like STATS and TRUN are valid commands for vulnserver.exe, then how do I know the valid commands of my own .exe? Please guide.

kapzb
Author

I can't see vulnserver in the list when I try to attach it in Immunity Debugger. What should I do?

pranavtalanki
Author

Amazing lesson, had a few problems with the VirtualBox not being able to netcat, however solved these problems by using Kali on VMware Pro instead. Very informative and learnt a lot when listening, thanks again :)

Nalllyyy
Author

Brilliant video, quite helpful. Thanks!

karanbhayani
Author

Hi,
I am facing an issue in completing the fuzzing activity. I can ping from the 32-bit Windows VM to my Kali, but when I start to fuzz, I am receiving an error message saying "Couldn't TCP connect to the target" from my Kali machine.

ranasec
Author

./generic_send_tcp: undefined symbol: s_readline

Anyone know how to get around this, please??

SeanKelly-uthe
Author

Question from a monitoring perspective. How would you know if you've been able to flood the EIP memory space if you were trying to do a buffer overflow from an outside source without using the debugger that would normally detect (or at least see) this sort of memory space violation? This was great to see and you put it together very well, but you were able to see the results of your script in the memory space. If that was not available (say you were black boxing), how could you determine where the EIP space began so you could determine what steps to take next?

jonathanreading
Author

return value not accepted on line: error on Kali Linux terminal... How can I fix this?

ankitmehra
Author

working like a charm... thanks for all

sardorruziyev
Author

How can I see during spiking on attacking machine that the server has crashed? Do I have to try to connect, after generic_send_tcp ran through?

jediwed
Author

I'm a bit confused. What's the difference between TRUN and STATS? Are they both inserting values into the buffer the exact same way?

alimsh
Author

Make sure if you are using a virtual box for Windows that you're using the bridged network setting and also disable your Windows Defender firewall.

Sam-uxrw
Author

The command generic_tcp_send doesn't work in Ubuntu.

Diamond-l_l
Author

Whenever I click on attach from file, I am unable to find vulnserver. I did run both of them as admin.

exsurgeltd