Let’s continue with the second part of this lab. Full explanations of buffer overflows are always a great way to demonstrate how you should think about security.
00:00 Exploit Development: Looking Unknown Vulnerabilities.
00:47 What is the Extended Instruction Pointer?
01:55 Step 5
Calculate the distance to the EIP Register
03:24 Why do we need Endianness?
Big-endian (BE) & Little-Endian (LE)
05:15 Step 6
Redirect Program Execution
09:26 Step 7
10:29 Steps: Rapid review
Stack Buffer Overflow Part 1 & 2
Interesting Infosecaddicts Blogpost:
Click Here for other posts:
Join Our Free 21 Day hack-a-thon
Register Here: https://infosecaddicts.com/free-21-day-hack-a-thon
Some Courses you may be interested in
Malware Analysis [https://mailchi.mp/infosecaddicts/malware-analysis]
Reverse Engineering [https://mailchi.mp/infosecaddicts/reverse-engineering]
Network Penetration Tester [https://mailchi.mp/infosecaddicts/network-penetration-tester]
Web App Penetration Tester [https://mailchi.mp/infosecaddicts/web-app-penetration-tester]
Red Team professional
Joe has some free challenges available if you’re interested in joining in you can contact us using this link https://infosecaddicts.com/contact-us/.
You can also sign up for a customized plan https://infosecaddicts.com/customized-program/ if you need help/guidance in your career or in learning something new.
If you would like to learn more about our mentorship program, you can sign up here https://mailchi.mp/infosecaddicts/mentorship.
️Like /”InfosecAddicts/” on Facebook HERE: http://bit.ly/2WQCK9a
️Follow InfosecAddicts on Twitter HERE: http://bit.ly/2JbIsxJ.
Connect with us on LinkedIn http://bit.ly/LinkedIn_InfosecAddicts
This content is for educational purposes only. InfosecAddicts focuses on training and preparing professionals and enthusiasts, to perform Ethical Hacking, penetration testing tasks concentrate on prevention and security, and developing the advancement and discussion of the Cybersecurity Field.
TRADEMARK LEGAL NOTICE: All product names, logos, videos, and brands are the property of their respective owners in the United States and other countries. All company, product and service names used in this video are for identification purposes only. The use of these names, logos, and brands does not imply endorsement.
#ExploitDevelopment #SOCTier #StackBufferOverflow
Take the opportunity to connect and share this video with your friends and family if you find it useful.