We covered another scenario of exploiting a binary vulnerable to buffer overflow. This scenario presented a binary that takes user input and compares it to three predetermined strings based on which the binary will either store byte input into a defined memory address, allow the user to store 48 bytes into a variable whose size is 16 byte and lastly execute a system call to return the date. We exploited the BOF by creating a ROP chain that consists of first the offset, next the gadget address, third a memory address that we can control and store /bin/sh and lastly the memory address of the system call. This was part of HackTheBox HTB-Console Intro to binary exploitation track.. This was part of HackTheBox HTB-Console Intro to Binary Exploitation track.

Video Walkthrough

Buffer Overflow, CTF Writeups, HackTheBox, HackTheBox HTB-Console

Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles

Buffer Overflow Explained | P22 | ROP Chains | HackTheBox HTB-Console

Leave a Reply Cancel reply

Motasem

About the Author

Other stories

Blind SQL Injection With Python | OverTheWire Natas Level 15

Microsoft DREAD Framework Explained | Threat Modeling | TryHackMe

Press ESC to close

Buffer Overflow Explained | P22 | ROP Chains | HackTheBox HTB-Console

Leave a Reply Cancel reply

Motasem

About the Author

Share Article:

Other stories

Blind SQL Injection With Python | OverTheWire Natas Level 15

Microsoft DREAD Framework Explained | Threat Modeling | TryHackMe