
Buffer Overflows

1. BOF tips

  • Practice using mona.py
  • Download vulnerable exe from Exploit DB.
  • https://github.com/justinsteven/dostackbufferoverflowgood
  • https://esseum.com/win-32-buffer-overflow-walkthrough-exploiting-slmail-5-5/
  • It's an easy 25 points!!! :D

2. Reference

https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/

  • dostackbufferoverflowgood: good for understanding how a BoF works. https://github.com/justinsteven/dostackbufferoverflowgood
  • SLmail v5.5: covered in the OSCP guide (exercise); try to build your own exploit code for the BoF on different environments like Windows XP or Windows 7 SP3, etc. https://www.exploit-db.com/exploits/638
  • FreeFloat FTP Server 1.0: https://www.exploit-db.com/exploits/17546
  • VulnServer.exe: covered in the OSCP lab; try to build your own exploit code for the BoF on different environments.
  • Minishare 1.4.1: covered in the OSCP lab; I built my own BoF exploit on Windows XP SP3 English and Windows 7 SP1. https://www.exploit-db.com/exploits/616
  • Savant 3.1: https://www.exploit-db.com/exploits/18401
  • WarFTPd 1.6.5: https://www.exploit-db.com/exploits/3570
  • PCMAN FTP 2.0.7: https://www.exploit-db.com/exploits/26471

3. Link list

  • https://www.exploit-db.com/exploits/40673/

  • http://camelinc.info/blog/2014/05/Aviosoft-Digital-TV-Player-Professional-1.0-Stack-Buffer-Overflow/

  • http://pusheax.com/exploit-writing-stack-based-buffer-overflow/

  • http://tekwizz123.blogspot.in/2014/02/bypassing-aslr-and-dep-on-windows-7.html?m=1

  • http://www.arti-sec.com/article/buffer-overflow-slmail-5504433-full-development

  • http://blog.gojhonny.com/2013/10/buffer-overflow-smashing-stack-tutorial.html

  • https://github.com/AnasFullStack/Penetration-Testing/blob/master/pwk/Win32_Buffer_Overflow_Exploitation.md

  • https://royleekiat.com/2016/01/15/buffer-overflow-attack-on-pcman-ftp-server-2-07-using-the-metasploit-framework-and-corelan-teams-mona-script/ <-- using msf

  • http://www.primalsecurity.net/0x3-python-tutorial-fuzzer/

  • http://0xdeadcode.se/archives/178 <-- minishare

  • https://bogner.sh/2016/04/the-hard-life-of-exploit-developers/

  • http://ch3rn0byl.com/intro-to-buffer-overflows/

  • http://netsec.ws/?p=180

  • https://t0w3ntum.wordpress.com/2016/07/22/buffer-overflows-and-you/ <-- good scripts

  • http://n01g3l.tumblr.com/post/49036035399/linux-crossfire-v190-buffer-overflow

  • http://sh3llc0d3r.com/vulnserver-trun-command-buffer-overflow-exploit/

  • http://www.primalsecurity.net/0x0-exploit-tutorial-buffer-overflow-vanilla-eip-overwrite-2/

  • http://www.securitysift.com/windows-exploit-development-part-2-intro-stack-overflow/

  • https://samsclass.info/127/proj/vuln-server.htm

  • http://www.fuzzysecurity.com/tutorials/expDev/2.html <-- FreeFloat FTP

  • https://www.phillips321.co.uk/2012/08/02/writing-my-first-exploit-freefloat-ftp/

  • https://www.mattandreko.com/2013/04/06/buffer-overflow-in-hexchat-294/

  • http://proactivedefender.blogspot.in/2013/05/understanding-buffer-overflows.html?m=1

  • https://rootisthelimit.com/first-buffer-overflow/ <-- Ability 2.34

  • http://rgolebiowski.blogspot.in/2016/02/brain-pain.html