Skip to main content

One post tagged with "Buffer Overflow"

A Buffer Overflow occurs when a program attempts to store more data in a buffer (a reserved area of memory) than it is designed to hold, causing the excess data to spill over into adjacent areas of memory. This can overwrite important data or instructions, leading to unexpected behavior, crashes, or even code execution by an attacker. By manipulating buffer sizes and overflow conditions, attackers can inject malicious code, such as shellcode, to take control of a system or steal sensitive information.

View All Tags

HTB | You know 0xDiablos | Write-Up

· 22 min read

Summary:

We prepare for a challenge by preparing challenge files and testing the executable. Next, we perform static analysis using Ghidra to identify potential vulnerabilities. Upon discovering a buffer overflow vulnerability, we verify its existence and proceed to analyze the target architecture and endianness using pwntools' checksec feature.

With this information in hand, we use GDB and PEDA to identify the offset and address of the flag() function. We then craft a malicious payload using pwntools to smash the stack and exploit the vulnerability. Before submitting the exploit to the target machine, we verify its effectiveness against a local copy of the executable. After successfully exploiting the target, we submit our exploit and grab the recovered flag, declaring Challenge Completed once the task is accomplished.

Challenge Name: You know 0xDiablos | Difficulty: Easy | Category: Pwn