Buffer Overflow

This topic has 4 replies, 4 voices, and was last updated 8 years, 7 months ago by cd1zz.

Viewing 4 reply threads

Author

Posts
- July 3, 2012 at 6:31 am #7695
  
  skk
  Participant
  
  HI Guys,
  
  I am preparing for OSCP, i am new to buffer overflow, can someone point out a good ref material on this topic for beginners
- July 3, 2012 at 12:11 pm #47979
  
  MaXe
  Participant
  
  Corelan tutorials and of course the PWB course you are doing.
  (Link: http://corelan.be/index.php/category/security/exploit-writing-tutorials/ )
- July 3, 2012 at 12:43 pm #47980
  
  skk
  Participant
  
  yup , i am repeating the videos several times and slowly getting the hang of things now. Thanks for the response.
  
  I will also check the link you mentioned.
- July 7, 2012 at 5:04 am #47981
  
  dbest
  Participant
  
  @skk – even I struggled with the buffer overflow material of OSCP and wasted most of my lab time.
  
  I finally managed to figure it out when I tested it in my own lab and got a shell on the victim machine. Hence my suggestion, move on with the rest of the course and do not waste your lab time on buffer overflow exploitation. Once your lab time is up, you can focus on testing it locally.
- July 7, 2012 at 5:34 pm #47982
  
  cd1zz
  Participant
  
  After you get a feel for how a basic stack overflow works, go to exploit-db and recreate as many exploits as possible. Meaning, down load the vulnerable software, try to find the bug your self and recreate the exploit. It’s the best practice you can get.
  
  I also highly recommend downloading “Freefloat FTP Server” there are a hundred buffer overflows in it and its a fantastic way to practice.
Author

Posts