Leaking Values with printf (Format String Vuln) - Search Engine - [Intigriti 1337UP LIVE CTF 2022]

preview_player
Показать описание
2nd Pwn video from @intigriti 1337UP LIVE CTF 2022: "Search Engine". We'll take a quick look at format string vulnerabilities (printf) to see how we can leak values off the stack and make a PwnTools fuzzing script to automate the process. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #BinaryExploitation #BufferOverflow #BinExp #RE #Pwn #PwnTools

↢Social Media↣

↢Intigriti↣

↢Resources↣

↢Chapters↣
Start: 0:00
Basic File Checks: 0:22
Disassemble with Ghidra: 0:59
Dynamic Analysis with GDB-PwnDbg: 3:12
Leaking Values off the Stack with printf(): 4:34
PwnTools Script (Fuzzing): 6:25
End: 9:07
  1. CryptoCat
  2. Search Engine
  3. intigriti
  4. 1337
  5. 1337up
  6. 1337UpLive
Рекомендации по теме
Leaking Values with 0:09:31

Leaking Values with printf (Format String Vuln) - Search Engine - [Intigriti 1337UP LIVE CTF 2022]

Format String printf 0:19:44

Format String printf Vulnerabilities (PicoCTF 2022 #46 'flag-leak')

A simple Format 0:10:01

A simple Format String exploit example - bin 0x11

7: Format String 0:18:32

7: Format String Vulnerabilities (printf) - Buffer Overflows - Intro to Binary Exploitation (Pwn)

Leaking the Stack 0:13:01

Leaking the Stack / Printf Format Vulnerability | echooo [32] picoCTF 2018

printf leak - 0:04:49

printf leak - CTF Cookbook - pwn

Format String to 0:13:25

Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150)

Format String Exploits 0:17:05

Format String Exploits - Writing Data

9: Overwriting Global 0:26:56

9: Overwriting Global Offset Table (GOT) Entries with printf() - Intro to Binary Exploitation (Pwn)

10: Bypassing Stack 0:14:49

10: Bypassing Stack Canaries (leak + write) - Buffer Overflows - Intro to Binary Exploitation (Pwn)

Format String Vulnerabilities 1:03:32

Format String Vulnerabilities – The Impact Of A Leaky Program

Format String Exploit 0:11:58

Format String Exploit and overwrite the Global Offset Table - bin 0x13

Triple printf exploit 0:20:04

Triple printf exploit for libc leak and one_gadget - LACTF2023 - pwn/rickroll

Introduction to format 0:11:21

Introduction to format string vulnerabilities

Exploiting Format String 0:36:24

Exploiting Format String vulnerabilities tutorial - pwn106 - PWN101 | TryHackMe

printf exploit in 0:20:45

printf exploit in the data section - UTCTF 2023 - pwn/printfail

you need to 0:07:07

you need to stop using print debugging (do THIS instead)

8: Leak PIE 0:31:12

8: Leak PIE (bypass) and Lib-C (ret2system) - Buffer Overflows - Intro to Binary Exploitation (Pwn)

Format String Exploit 0:24:59

Format String Exploit Troubleshooting Over Twitter - bin 0x11 b

Format String Exploits 0:09:47

Format String Exploits - Introduction

Format String Vulnerability: 0:10:44

Format String Vulnerability: Leak Content from the Stack

pwn/rut-roh-relro - LACTF2023 0:13:31

pwn/rut-roh-relro - LACTF2023 - Challenge Writeup (printf libc leak + printf to stack ROP)

Leet Test [easy]: 1:01:15

Leet Test [easy]: HackTheBox Pwn Challenge (format string write exploit with pwntools)

Why Printf is 0:08:06

Why Printf is Magically Breaking Your Program.

Комментарии
Автор

You can solve this one manually, without PwnTools by entering:

%12$p %13$p %14$p %15$p

Take the pointers that are leaked from the stack, and decode:

_CryptoCat
Автор

Hey what theme do you use for your terminal ?

nintendotyrelle
Автор

Too much content to catch up. you on fire, omg.

longdashes
Автор

Did you know how "run < file.txt" this command will be in radar2?

Shlldn
Автор

Your channel is literally the best place to land if you're trying to learn binexp. Keep the videos coming!

tadeuszwachowski
Автор

Excellent video as always! Thank you! If you take requests, could you do a blind ROP example at some point?

vstorm
Автор

flag from 10 to 15, whay you give 12-16 in thee script? not from 10?

anugrahgilangramadhan