Buffer Overflow Prep — OverFlow1- TryHackMe

0xsanz
5 min readSep 29, 2020

This is a write-up for Buffer Overflow Prep room by Tib3rius on Try Hack Me in notes style format.

Useful Links
=======

https://github.com/Tib3rius/Pentest-Cheatsheets/blob/master/exploits/buffer-overflows.rst
https://tryhackme.com/room/bufferoverflowprep

Fuzzing with long input Strings
==================
⇒ python3 -c ‘print (“A” * 5000)’ ⇒ Generate lots of As
⇒ Run oscp.exe in Immunity Debugger on the target
⇒ Connect with netcat and send these A’s to target : OVERFLOW1 AAAA….5000 times
⇒ OSCP.exe crashes indicated we can exploit this using Buffer Overflow.

MSF Pattern create
===========
⇒ msf-pattern_create -l 5000
⇒ send over to the target exe via nc session only.

Mona Config
========
⇒ !mona config -set workingfolder c:\mona\%p ⇒ Run this in Immunity

Finding Offset
========
⇒ In Immunity Debugger note the EIP after sending the pattern and crashing the exe.

--

--

0xsanz
0xsanz

Written by 0xsanz

Software Developer having keen interest in Security, Privacy and Pen-testing. Certs:- Security+,PenTest+,AZ900,AZ204,AZ500

No responses yet