Welcome to the buffer overflow lab. Your lab objective is to follow the steps that you saw me just do to get a shell on the Windows host. Now, I'm not gonna do a walkthrough, because that's what I did during this whole module, but I do want to set you up for success. So let's go into the lab.
Okay, so log into both boxes. You'll log in with root Kali
and in your Windows box you'll see admin, log in with the password, admin.
Now you'll notice on the desktop, you have buffer overflow here, you have a number of you have two scripts
What we're gonna first need to do is open up exploit
and you'll notice you have a proof of concept for your exploit, but you know something, this is bad chars dot txt, that's what we're going to use for your bad characters. So
cut that out of here
and save this.
And then you can also add
bad chars dot txt
and stick this in here for when you do your test for bad characters. Don't forget to test for bad characters.
All right. So we have Immunity Debugger here. We have dostackbufferoverflowgood here.
So you can start Immunity Debugger
and you'll notice it looks like this. So click C
and expand this window.
There we go.
What you want to do is you can open
Well, we have to get that started for attach to work.
We can open dostackbufferoverflowgood.
And like you'll see, you'll need to press play a few times to proceed forward and make sure that this is listening.
So what you also need to do for test is you need to change your IP address
And this is
100. All right.
So I just want to test this and make sure it works. Right.
So, we will test
sent python script. Hello, python script. You'll see
it was bytes received, bytes sent, client disconnected here, so we know it's working. Okay.
So the next thing to do, of course, is to run our exploit script and see if this crashes.
So again I need to go into exploit.
I need to change the IP address.
That should crash.
You'll see ESP is overwritten
and EIP is overwritten with your A's.
So from here, that's where you do pattern create and proceed forward. Check your bad characters, find your memory location.
Mona should be on here. Mona modules.
So don't forget that Mona is installed as well to help you out. So follow the steps that I showed you during the entire lessons for this module, and you should be just fine getting your shell. Good luck.