How They Hack: Buffer Overflow & GDB Analysis - James Lyne

Following on from the simple buffer overflow demonstration, this shows a more focused use of the ability to overwrite data, enabling an attacker to control the return pointer and have the computer execute alternative code. We step through a simple binary, identify the flaw and then exploit it. This video will likely raise more security and exploitation questions than it answers (it is a big topic), but I hope that it inspires interest and enhances your understanding a little.
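The overwrite described above, as an added example that is not from the video or its author: a constructed C model of a stack frame in which an unchecked copy lets input bytes replace the saved return pointer, next to a bounded copy that leaves it intact. The struct layout, `ORIGINAL_RET`, `SAMPLE_INPUT` and the function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a stack frame: a local buffer with the saved return
   pointer directly above it. Real frames may also hold padding and a saved
   frame pointer; this layout is an assumption for illustration. */
struct frame {
    char     buf[16];
    uint32_t saved_ret;
};

#define ORIGINAL_RET 0x08048456u   /* constructed placeholder address */

/* Constructed input: 16 filler bytes, then four 'B' (0x42) bytes. */
static const char SAMPLE_INPUT[] = "AAAAAAAAAAAAAAAA" "BBBB";

/* Models strcpy(buf, input): the length comes from the input, not from buf.
   The copy is clamped to the model frame so the demo itself stays in bounds. */
static uint32_t unchecked_copy(struct frame *f, const char *input) {
    size_t n = strlen(input) + 1;
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, input, n);
    return f->saved_ret;
}

/* Hardened form: the length comes from buf, so saved_ret is never written. */
static uint32_t bounded_copy(struct frame *f, const char *input) {
    snprintf(f->buf, sizeof f->buf, "%s", input);
    return f->saved_ret;
}

int main(void) {
    struct frame a = { {0}, ORIGINAL_RET };
    struct frame b = { {0}, ORIGINAL_RET };
    printf("unchecked copy: saved_ret = 0x%08x\n",
           (unsigned)unchecked_copy(&a, SAMPLE_INPUT));
    printf("bounded copy:   saved_ret = 0x%08x, buf = \"%s\"\n",
           (unsigned)bounded_copy(&b, SAMPLE_INPUT), b.buf);
    return 0;
}
```

The four bytes that land on `saved_ret` are the ones at the buffer's size offset in the input, which is why a run of `B` characters shows up in a debugger as 0x42424242.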
Comments

Seems you’ve stopped posting vids...but this is by far the best intro to BO and gdb out there. I salute you good sir, and please come back!

mrbangkockney

This guy is freaking awesome. He explains it so much better than my professor :D.

segintendorocks

This is literally some of the best and practical explanation conveyed so nicely, a low level stuff (pun intended :D), great respect

muhammadkashif

Best video explanation of this seemingly complicated topic, thank you!

OVVAISNAB

Hi James, very nice video. I am interested in system programming, and it is so difficult to find a tutorial video like this. Please don't stop.

rj-njuk

sooo helpful - would have been up all night doing my pset if it weren't for this video

trishaatluri

How did you find the return pointer just by looking at the stack?

bjarkismari

The only thing that is NOT CLEAR from this video is how you guessed the return address? How did you know exactly which address should be replaced by B ascii values?

BeSharpInCSharp

I am delighted, acquired so much understandable information, TY man!

shyngyskerimbekov

This video is really high quality content! <3

ca

This video was so helpful, I watched it twice :)

JannisAdmek

Thanks for this wonderful analysis video....

manojamrutharaj

I understood properly, thank you sir for the video

GURUYATHI

If I want to put a shellcode, the return address is the bottom of the stack, isn't it?

alex

Thank you so much for the clear explanation. Please, where can I find a full course of your courses?

mohammadahmedragab

I do the same exact steps but I only have a seg fault. Can it be because the memory region of my eip (return pointer) is only readable?

claudiocostanzo

Thanks. I have a little problem: say that I can write into the buffer through argv[1]. Once I figure out how many characters I need and I figure out what the return pointer address is, if I execute ./program my payload + p32(address I need in hex), when I check gdb the return address changed, but not to the address I need it to be, as if it read the "\" and the "x" of the little-endian p32 as values on their own. How can I change that?

ahmedlimam

8:50 I'm really confused on how he can tell it's the return pointer

kooners

Why does the stack store new data towards the return pointer? Wouldn't going the opposite way ensure rp is never touched?

User-cvee

When you print the stack with x/##x $esp, the first address that you call the offset, is that just the first address of the following 4 * 4 bytes?

evilmulle