Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150)
Solving Eat Sleep Pwn Repeat (ESPR - 150 pwn) challenge from the 33c3ctf. Dumping the binary through a format string vulnerability, leaking libc addresses in the global offset table, finding the matching libc and overwriting printf@got with system() to get RCE.
-=[ 🔴 Stuff I use ]=-
→ Microphone:* https://geni.us/ntg3b
→ Graphics tablet:* https://geni.us/wacom-intuos
→ Camera#1 for streaming:* https://geni.us/sony-camera
→ Lens for streaming:* https://geni.us/sony-lense
→ Connect Camera#1 to PC:* https://geni.us/cam-link
→ Keyboard:* https://geni.us/mech-keyboard
→ Old Microphone:* https://geni.us/mic-at2020usb
US Store Front:* https://www.amazon.com/shop/liveoverflow
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF #FormatString #BinaryExploitation
Видео Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150) канала LiveOverflow
-=[ 🔴 Stuff I use ]=-
→ Microphone:* https://geni.us/ntg3b
→ Graphics tablet:* https://geni.us/wacom-intuos
→ Camera#1 for streaming:* https://geni.us/sony-camera
→ Lens for streaming:* https://geni.us/sony-lense
→ Connect Camera#1 to PC:* https://geni.us/cam-link
→ Keyboard:* https://geni.us/mech-keyboard
→ Old Microphone:* https://geni.us/mic-at2020usb
US Store Front:* https://www.amazon.com/shop/liveoverflow
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#CTF #FormatString #BinaryExploitation
Видео Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150) канала LiveOverflow
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
PHP include and bypass SSRF protection with two DNS A records - 33c3ctf list0r (web 400)
Global variable Buffer Overflow to leak memory - 34C3 CTF readme_revenge (pwn)
Attacking an Electronic Combination Lock (ft. Electronics Idiot)
Format String Exploit Troubleshooting Over Twitter - bin 0x11 b
What do Nintendo Switch and iOS 9.3 have in common? CVE-2016-4657 walk-through
What is a Browser Security Sandbox?! (Learn to Hack Firefox)
Reversing and Cracking first simple Program - bin 0x05
Solving a JavaScript crackme: JS SAFE 2.0 (web) - Google CTF 2018
Failing easy local file inclusion challenge - mindreader (misc) Google CTF 2017
Why MissingNo Multiplies Items!
int0x80 from DualCore lent me his lockpicking set and I'm a horse - BruCON CTF part 2
Reversing an unkown digital protocol with an Arduino - rhme2 Whac the mole (misc 200)
Crazy Steam Phishing Page
A simple Format String exploit example - bin 0x11
XSS on the Wrong Domain T_T - Tech Support (web) Google CTF 2020
Let’s play a game: what is the deadly bug here?
MMORPG Bot Reverse Engineering and Tracking
Breaking AES with ChipWhisperer - Piece of scake (Side Channel Analysis 100)
XS-Search abusing the Chrome XSS Auditor - filemanager 35c3ctf
Analysing a Collection of Windows Binaries and Embedded Resources - FLARE-On 2018