I explain what buffer overflows are and then do a hands-on practical demonstration of one way to custom script a buffer overflow exploit using python3, as I walk you through the "Gatekeeper", a medium rated box on tryhackme.
Writeups are available on my github: https://github.com/CTF-Walkthroughs
Previous CTF tutorial videos and writeups: https://www.benreitz.com
tags: enumerate, hash cracking, exploit, brute-force
Chapters:
0:00 Intro
1:43 k4li$urf3r theme song
2:29 Initial Enumeration
4:54 SMB Enumeration
6:39 File transfer between VMs
9:26 Immunity Debugger
12:12 fuzzing
14:20 find the offset
23:59 find the badchars
31:03 find the jmp points
37:42 create a payload
40:05 add NOPS
42:35 Foothold POC
43:27 Foothold on the target
47:22 Upgrade to a Meterpreter Shell
52:25 Gather Firefox Data
56:49 Credential Extraction
1:00:54 Login with PSexec
