Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150)
Solving Eat Sleep Pwn Repeat (ESPR - 150 pwn) challenge from the 33c3ctf. Dumping the binary through a format string vulnerability, leaking libc addresses in the global offset table, finding the matching libc and overwriting printf@got with system() to get RCE.
-=[ 🔴 Stuff I use ]=-
→ Microphone:* https://geni.us/ntg3b
→ Graphics tablet:* https://geni.us/wacom-intuos
→ Camera#1 for streaming:* https://geni.us/sony-camera
→ Lens for streaming:* https://geni.us/sony-lense
→ Connect Camera#1 to PC:* https://geni.us/cam-link
→ Keyboard:* https://geni.us/mech-keyboard
→ Old Microphone:* https://geni.us/mic-at2020usb
US Store Front:* https://www.amazon.com/shop/liveoverflow
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF #FormatString #BinaryExploitation
Видео Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150) канала LiveOverflow
-=[ 🔴 Stuff I use ]=-
→ Microphone:* https://geni.us/ntg3b
→ Graphics tablet:* https://geni.us/wacom-intuos
→ Camera#1 for streaming:* https://geni.us/sony-camera
→ Lens for streaming:* https://geni.us/sony-lense
→ Connect Camera#1 to PC:* https://geni.us/cam-link
→ Keyboard:* https://geni.us/mech-keyboard
→ Old Microphone:* https://geni.us/mic-at2020usb
US Store Front:* https://www.amazon.com/shop/liveoverflow
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF #FormatString #BinaryExploitation
Видео Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150) канала LiveOverflow
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
PHP include and bypass SSRF protection with two DNS A records - 33c3ctf list0r (web 400)Global variable Buffer Overflow to leak memory - 34C3 CTF readme_revenge (pwn)Attacking an Electronic Combination Lock (ft. Electronics Idiot)Format String Exploit Troubleshooting Over Twitter - bin 0x11 bWhat do Nintendo Switch and iOS 9.3 have in common? CVE-2016-4657 walk-throughWhat is a Browser Security Sandbox?! (Learn to Hack Firefox)Reversing and Cracking first simple Program - bin 0x05Solving a JavaScript crackme: JS SAFE 2.0 (web) - Google CTF 2018Failing easy local file inclusion challenge - mindreader (misc) Google CTF 2017Why MissingNo Multiplies Items!int0x80 from DualCore lent me his lockpicking set and I'm a horse - BruCON CTF part 2Reversing an unkown digital protocol with an Arduino - rhme2 Whac the mole (misc 200)Crazy Steam Phishing PageA simple Format String exploit example - bin 0x11XSS on the Wrong Domain T_T - Tech Support (web) Google CTF 2020Let’s play a game: what is the deadly bug here?MMORPG Bot Reverse Engineering and TrackingBreaking AES with ChipWhisperer - Piece of scake (Side Channel Analysis 100)XS-Search abusing the Chrome XSS Auditor - filemanager 35c3ctfAnalysing a Collection of Windows Binaries and Embedded Resources - FLARE-On 2018