Buffer Overflows – THE YEMENI GHOST

Part 1: https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

Part 2: https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/

Windows Binaries (Recommend that you run these on Windows 7/XP 32 bit) :

Vulnserver: https://samsclass.info/127/proj/vuln-server.htm

Minishare 1.4.1: https://www.exploit-db.com/exploits/636

Savant Web Server 3.1: https://www.exploit-db.com/exploits/10434

Freefloat FTP Server 1.0: https://www.exploit-db.com/exploits/40673

Core FTP Server 1.2: https://www.exploit-db.com/exploits/39480 Linux Binaries :

Linux Buffer Overflow: https://samsclass.info/127/proj/lbuf1.htm
Vulnerable Boxes:

Brainpan 1: https://www.vulnhub.com/entry/brainpan-1,51/
Pinky’s Palace version 1: https://www.vulnhub.com/entry/pinkys-palace-v1,225/

Other Resources :

Whitepaper Introduction to Immunity Debugger: https://www.sans.org/reading-room/whitepapers/malicious/basic-reverse-engineering-immunity-debugger-36982

Buffer Overflows for Dummies: https://www.sans.org/reading-room/whitepapers/threats/buffer-overflows-dummies-481

Vortex Stack Buffer Overflow Practice: https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/

Smashing the Stack For Fun and Profit: http://www-inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf

=================

Categories: