A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Introduction to buffer overflows from ISSA KY workshop 6 - Jeremy Druin (Hacking Illustrated Series InfoSec Tutorial Videos)

Introduction to buffer overflows from ISSA KY workshop 6 - Jeremy Druin

    This is the 6th in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae for the Kentuckiana ISSA. This one covers Metasploit. This recording is from the Kentucky ISSA Workshop #6 from the November 2012 meeting. In part 5, using Metasploit was covered. In this workshop, buffer overflow vulnerabilities were examined more closely to see how Metasploit exploits might be written. A custom program is written with a known buffer overflow and compiled without the stack canaries or non-executable stack. Also ASLR is disabled on the Ubuntu 12.04 testing host. The program is fuzzed to determine an overflow exists and decompiled with GDB to look at the program logic more closely. Python scripts are used to generate exploits that get closer to over-writing the return pointer with a user supplied value. Once the buffer overflow is identified and the size of the buffer found, the exploit development begins. A custom exploit is developed to inject shellcode into the buffer, determine a reasonable memory address in which to jump, and a root shell gained.


Video Tutorials: www.youtube.com/user/webpwnized
Video Index URL: http://www.irongeek.com/i.php?page=videos/web-application-pen-testing-tutorials-with-mutillidae 
YouTube Channel:  http://www.youtube.com/user/webpwnized
Twitter Updates: @webpwnized



Vulnerability Exploitation

 Metasploit Exploit Framework
  a. Framework
   i. Exploits
     Sorted by OS and/or Software
   ii. Payloads
     o Communications and function entangled
     o Load stage and handle communications
     Stages (note: Inplement shell, upexec, vncinject, meterpreter, etc.)
     o meterpreter
     o shell
     o vnc
     o mssql_payload
     o psexec
   iii. Post Exploit Modules
   iv. Auxillary Modules
   v. Interfaces
    1. msfconsole
     1. search <type>:<value> <string>
     2. help
     3. use
     4. show <what to show>
      i. payloads
      ii. exploits
      iii. post
      iv. auxillary
      v. <more>
    2. Metasploit Community Edition


Download from:

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast