Buffer Overflow P19 | Intro to Binary Exploitation | CTF Walkthrough
In this video walkthrough, we cover a binary that has only PIE (Position Independent Executable) enabled as a protection, while NX is disabled. We analyzed the binary with Ghidra and GDB and discovered that it leaks the memory address of the variable used to store the user input. We also found that the binary reads up to 137 bytes of user input and stores it in a variable whose buffer size is only 76 bytes, which is the core vulnerability of this app. We used this to cause a segmentation fault and found the offset to be 84 bytes. Based on this analysis, we built the exploitation script carrying the connection parameter and the final payload.

Writeup: https://motasem-notes.net/buffer-overflow-p2-intro-to-binary-exploitation-hackthebox-bat-computer/
HackTheBox Bat Computer: https://app.hackthebox.com/challenges/168
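The protection posture described above (PIE enabled, NX disabled) can be confirmed from the ELF headers when auditing a build. The following is an added example, not code from the video or the writeup: a minimal checksec-style check for little-endian ELF64 images, run on a constructed header. The names `elf_protections` and `sample_elf` are hypothetical.

```python
import struct

ET_DYN = 3                  # e_type of PIE executables (and shared objects)
PT_GNU_STACK = 0x6474E551   # program header that carries the stack permissions
PF_X = 0x1                  # "executable" bit in p_flags

def elf_protections(image: bytes) -> dict:
    """Report PIE and NX for a little-endian ELF64 image."""
    if image[:4] != b"\x7fELF" or image[4:6] != b"\x02\x01":
        raise ValueError("not a little-endian ELF64 image")
    (e_type,) = struct.unpack_from("<H", image, 16)
    (e_phoff,) = struct.unpack_from("<Q", image, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", image, 54)
    # Assumption of this example: a missing PT_GNU_STACK is reported as NX off.
    nx = False
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", image, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)
    # ET_DYN alone cannot tell a PIE from a shared library; full tools also
    # inspect the dynamic section.
    return {"pie": e_type == ET_DYN, "nx": nx}

def sample_elf(e_type: int, stack_flags: int) -> bytes:
    """Constructed test input: ELF64 header plus one PT_GNU_STACK entry."""
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    header = ident + struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0,
                                 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return header + phdr

if __name__ == "__main__":
    # Same posture as the binary described above: PIE on, stack RWX (NX off).
    print(elf_protections(sample_elf(ET_DYN, 0x7)))
    # Hardened build: PIE on, stack RW only (NX on).
    print(elf_protections(sample_elf(ET_DYN, 0x6)))
```

A build that reports `nx: False` has an executable stack; relinking without an executable-stack request (for example, GNU ld's `-z noexecstack`) makes overflowed stack data non-executable.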