The sixth episode in a series covering x86 stack buffer overflows and how to exploit them. In this video, we look at Bad Characters - what they are and how to find them.
Full writeup available at: https://www.flipthebit.tech/articles/exploit-dev/buffer-overflow-101/#bad-characters
Vulnserver: https://github.com/stephenbradshaw/vulnserver
TryHackMe Room: https://tryhackme.com/room/bufferoverflowprep
Mona: https://github.com/corelan/mona
Immunity Debugger: https://www.immunityinc.com/products/debugger
Information is provided for educational purposes only. Security testing should only be performed against systems which you either own, or have permission to test against.
0:00 Intro
0:28 What are Bad Characters?
1:28 Creating Character Array
2:10 Bad Characters script
3:33 Debugging with Bad Characters
4:12 Mona: Getting started
4:42 Comparing Memory with Mona
5:43 Alternative Target Bad Characters
7:14 Bad Character Binary Search
8:14 Outro
