Buffer Overflow Lab


Time
18 hours 43 minutes
Difficulty
Intermediate
CEU/CPE
22
Video Transcription
00:00
Welcome to the buffer overflow lab. Your lab objective is to follow the steps that you saw me just do to get a shell on the Windows host. Now, I'm not gonna do a walkthrough, because that's what I did during this whole module, but I do want to set you up for success. So let's go into the lab.
00:19
Okay. So log into both boxes; you'll log in with root Kali
00:26
on Linux
00:28
and in your Windows box you'll see admin, log in with the password, admin.
00:35
Now you'll notice on the desktop, you have buffer overflow here, you have a number of, you have two scripts.
00:40
What we're gonna first need to do is open up exploit
00:45
and you'll notice you have a proof of concept for your exploit, but you know something, this is bad chars dot txt; that's what we're going to use for your bad characters. So
00:54
cut that out of here
00:57
and save this.
00:59
And then you can also add
01:03
something called
01:03
bad chars dot txt
01:08
and stick this in here for when you do your test for bad characters. Don't forget to test for bad characters.
01:18
All right. So we have Immunity Debugger here. We have dostackbufferoverflowgood here.
01:23
So you can start Immunity Debugger
01:30
and you'll notice it looks like this. So click C
01:34
and expand this window.
01:37
There we go.
01:38
What you want to do is you can open
01:42
or attach.
01:44
Well, we have to get that started for attach to work.
01:48
We can open dostackbufferoverflowgood.
01:52
And, like you'll see, you'll need to press play a few times to proceed forward and make sure that this is listening.
01:59
So what you also need to do for test is you need to change your IP address
02:09
192.168.1.
02:14
And this is
02:23
100.
02:24
100. All right.
02:29
So I just want to test this and make sure it works. Right.
02:38
So, we will test
02:43
sent python script. Hello, python script. You'll see
02:46
that
02:47
it was bytes received, bytes sent, client disconnected here, so we know it's working. Okay.
02:55
So the next thing to do, of course, is to run our exploit script and see if this crashes.
03:02
So again, I need to go into exploit.
03:05
I need to change the IP address
03:08
to 192.168.1.100.
03:14
Save this
03:22
and exploit
03:23
that should crash.
03:28
You'll see ESP is overwritten
03:31
and EIP is overwritten with your A's.
03:34
So from here, that's where you do pattern_create and proceed forward. Check your bad characters, find your memory location.
03:39
Mona should be on here. Mona modules.
03:46
So don't forget that Mona is installed as well to help you out. So, follow the steps that I showed you during the entire lessons for this module. And you should be just fine getting your shell. Good luck.
04:00
Mhm.