Setting up the Environment


Difficulty
Intermediate
Video Transcription
>> Setting up the environment.

Our learning objective is to understand how to set up the environment to practice the buffer overflow.

First things first, I want to give credit to Justin Steven here for making this vulnerable program and also creating the tutorial to go through. It explains why the program is vulnerable. There's a lot of detail about it and I suggest or recommend that you read through it so you understand why we're able to take advantage of this buffer overflow attack for dostackbufferoverflowgood, this executable, and here's the PDF.

You'll notice that he added Python 3 to this. Why did he do that? Because recently, I think last year, we switched over to Python 3 from Python 2. If you go to the command prompt and you type in Python version, if I just type in Python, it's going to use Python 3.9.1. The way he wrote it first was using Python 2, and how we know that is the test script that he used, we can see it's using Python 2. Well, how do I do that? How I do that is I do ./ in this directory and then I execute this and that will use Python 2 instead of Python 3.

What I'm going to do is I'm going to remote desktop over to our vulnerable Windows machine. This is a Windows machine that I downloaded from the Microsoft Developer site. These are free to use for 30 days, a 30-day trial. But here I have my host username and password, and full screen. Full screen makes things a lot easier for you. But then you might go, no, how do I get out of here? Well, you do Control+Alt+Enter or, for Mac, Control+Option+Enter. I'll try that now. You can see it takes us out of full-screen mode, but I want to stay in full-screen mode to show you this.

You'll notice we have Immunity Debugger here. We have our dostackbufferoverflowgood here, and what I'll be doing a lot is I'll be attaching or opening this program. You can do it two ways. You can open up Immunity Debugger. You can do File, Open and here's the executable. You'll notice it pops up here, but it's going to pause. You need to hit this Play button here, maybe more than once, to make sure the program is running. You can either do it that way or, out of here, I'll launch the program, then I'll launch Immunity Debugger, File, Attach, find it here, Attach. Again, it will pause it and I'll need to hit "Play" to make sure that it's running.

Now, what I want to do is, you'll see coming out of full-screen mode is really hard to see now. But I will minimize this and I want to launch this here. Let me make it nicer for you. This is the test script he has in his PDF. He really does a great job using comments, setting the IP, so of course we have to set that to the IP of our victim host. The port is going to be the same, elite. We're creating this TCP connection here, we're building a little message where our buffer will go. Right now, just as the buffer script, we send it. It prints out what we sent, received some data, and then it prints out what we receive. We should be able to execute this and see what happens. We sent "Python script", received "Hello, Python script". It's very friendly.

If we go back to full-screen mode here, you'll notice if we go back to our program, we see that connection that came through and how many bytes were received and how many bytes were sent. The next step is to close the program and see if it crashes by sending a long string of A's. Stay tuned for our fuzzing next.

In summary, we should now understand how to set up the environment to practice the buffer overflow.
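A Python 3 version of the kind of test client the video walks through (set the IP and port, open a TCP connection, send a message, print what was sent and received), written as an added example here rather than Justin Steven's script from the PDF. The loopback IP, the line-based request format, the "Hello, ..." reply and the stub server are assumptions so it runs offline; against the lab machine the IP and port would be the victim host's.

```python
import socket
import threading

# Assumed for an offline run; the real test script points this at the victim host.
VICTIM_IP = "127.0.0.1"

def build_message(buf: bytes) -> bytes:
    """The request the client sends: the buffer plus a newline (assumed line protocol)."""
    return buf + b"\n"

def send_and_receive(ip: str, port: int, buf: bytes, timeout: float = 3.0) -> bytes:
    """Open a TCP connection, send the message, print both directions, return the reply.
    Python 3 sockets take bytes, not str: the main change from the Python 2 script."""
    msg = build_message(buf)
    with socket.create_connection((ip, port), timeout=timeout) as s:
        s.sendall(msg)
        print(f"Sent {len(msg)} bytes: {msg!r}")
        data = s.recv(1024)
        print(f"Received {len(data)} bytes: {data!r}")
    return data

class StubServer:
    """Constructed stand-in for the service so the client can run offline.
    It answers 'Hello, <line>' like the reply in the video; it is not the
    real dostackbufferoverflowgood program and has no overflow in it."""

    def __init__(self) -> None:
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.bind((VICTIM_IP, 0))  # port 0: the OS picks a free port
        self.sock.listen(1)
        self.port = self.sock.getsockname()[1]
        threading.Thread(target=self._serve, daemon=True).start()

    def _serve(self) -> None:
        conn, _ = self.sock.accept()
        with conn:
            line = conn.recv(1024).rstrip(b"\r\n")
            conn.sendall(b"Hello, " + line + b"\n")
        self.sock.close()

def run_test(buf: bytes = b"Python script") -> bytes:
    """Start the stub service and run the client against it once."""
    return send_and_receive(VICTIM_IP, StubServer().port, buf)

if __name__ == "__main__":
    run_test()
```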