We covered another scenario of exploiting a binary vulnerable to buffer overflow. This scenario presented a binary that takes user input and compares it to three predetermined strings based on which the binary will either store byte input into a defined memory address, allow the user to store 48 bytes into a variable whose size is 16 byte and lastly execute a system call to return the date. We exploited the BOF by creating a ROP chain that consists of first the offset, next the gadget address, third a memory address that we can control and store /bin/sh and lastly the memory address of the system call. This was part of HackTheBox HTB-Console Intro to binary exploitation track.. This was part of HackTheBox HTB-Console Intro to Binary Exploitation track.

Get Buffer Overflow Notes

Video Walkthrough

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles