Part-2 - Anatomy of a Python Scripted Remote Buffer Overflow w/ Joff Thyer

/// 🔗 Joff's classes at Antisyphon Training:

Introduction to Python

Enterprise Attack Emulation

Regular Expressions, Your New Lifestyle

/// 🔗 Contact info:
Mastodon

Twitter / X

Discord
joffthyer

/// 🔗 Part 1

In this webcast, Joff will break down the Python language components of an exploit documented in CVE-2019-13577, targeting the Maple Computer WBT SNMP Administrator version 2.0.195.15. He will discuss the required Python language components, modules, and porting of the exploit from Python2 to Python3.

///Chapters
00:00 - Begin Part 2
00:15 - Code debugging strategy, SafeSEH, ASLR
02:40 - 32-bit vs 64-bit programs
03:06 - Verify app vulnerability with Ollydbg
05:34 - Memory disassembly to find opcode
07:41 - Watch the app crash in Ollydbg
08:44 - What did we learn?
12:06 - Walkthrough - exploit run on Windows 7 - failed
13:59 - Q&A
14:15 - Next steps after stack-based x86 BOF - heap overflows, ROP chains
17:36 - Would this exploit work using SOCK_DGRAM?
18:08 - Byte order, size matters?
19:30 - How does ASLR affect the exploit?
20:31 - Does buffer overflow work nowadays?
23:05 - Challenges observing the exploit in Ollydbg
24:08 - Where can I get this buffer overflow code?

///Antisyphon Socials

///Antisyphon Training

///Antisyphon Shirts

///Educational Infosec Content

///Backdoors & Breaches - Incident Response Card Game

#bhis #antisyphon #infosec #CyberSecurity #training #python