Buffer Overflow Hacking Tutorial (Bypass Passwords)

Learn Buffer Overflows from one of the masters – Stephen Sims – SANS instructor, course developer and well known reverse engineer with over 20 years of experience!
Big thanks to Brilliant for sponsoring this video! Get started with a free 30-day trial and 20% discount: https://brilliant.org/DavidBombal

// A bit about Stephen //
Stephen is an industry expert with over 20 years of experience in information technology and security. He has authored SANS's most advanced course, SEC760: Advanced Exploit Development for Penetration Testers, was the 9th person in the world to earn the GIAC Security Expert certification (GSE), and is co-author of the Gray Hat Hacking book series, as well as a keynote speaker who has appeared at RSA USA and APJ, OWASP AppSec, BSides events and more. On top of all this, Stephen is Curriculum Lead for SANS Offensive Operations.

// Stephen’s Social //
Twitter: https://twitter.com/Steph3nSims
YouTube Live: https://www.youtube.com/@OffByOneSecurity/streams
YouTube videos: https://www.youtube.com/@OffByOneSecurity/videos
E-mail: Stephen(at)deadlisting.com
SANS: https://www.sans.org/profiles/stephen-sims/

// Stephen’s Book //
Gray Hat Hacking: https://amzn.to/3B1FeIK

// David’s Social //

================
Connect with me:
================
Discord: http://discord.davidbombal.com
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main Channel: https://www.youtube.com/davidbombal
YouTube Tech Channel: https://www.youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

================
Support me:
================
Buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna
Udemy CCNA Course: https://bit.ly/ccnafor10dollars
GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10

// Menu //
00:00 – Buffer overflows
00:50 – Sponsor
01:36 – Stephen Sims introduction
03:21 – Overview of buffer overflows
04:44 – Future of buffer overflows
09:17 – C program demo
14:14 – strcpy vulnerability
14:45 – Shellcode role
18:45 – Rust vs C?
20:05 – Rust vs other languages
21:23 – Heap & stack memory
26:32 – SigRed vulnerability
29:02 – DNS query role
30:49 – Heap overflow cause
35:00 – No args program check
37:06 – Program overview
41:10 – Hex & Stack
42:29 – Buffer overflow demo
42:53 – Determining buffer size
45:03 – Authentication bypass
50:33 – ASLR & Exploitation
52:01 – Memory & Environment

// Detailed outline of video: //
00:00:01 – Buffer overflow intro
00:00:12 – Pattern tool importance
00:00:27 – Overwriting return point
00:00:38 – Return to system function
00:00:44 – Authentication bypass success
00:00:50 – Advert
00:01:58 – Stephen’s intro & channel
00:03:21 – Stephen on buffer overflows
00:03:42 – Buffer overflow history
00:04:18 – Mitigations & shadow stacks
00:04:44 – Future of buffer overflows
00:05:54 – Shadow stack obstacles
00:06:04 – Understanding tech basics
00:06:19 – Microsoft & IoT implementations
00:06:27 – Buffer overflow concept
00:08:53 – Buffer overflow explanation
00:09:17 – C program demo
00:11:04 – User input handling
00:12:53 – ‘A’ letter in debugging
00:13:47 – Vulnerable program recap
00:14:14 – strcpy vulnerability
00:14:45 – Shellcode role
00:15:42 – Stack overflow goal
00:15:58 – Mitigation techniques
00:16:18 – Data execution prevention
00:18:29 – Stack pop & language benefits
00:18:38 – Old-school attacks
00:18:45 – Rust vs C?
00:18:52 – Microsoft & Rust
00:19:20 – Rust benefits
00:19:37 – Transitioning to Rust
00:20:05 – Rust vs other languages
00:20:34 – C++ legacy queries
00:20:57 – Retraining devs
00:21:13 – Command line intro
00:21:23 – Heap & stack memory
00:21:42 – Memory code segment
00:22:03 – Stack memory understanding
00:22:37 – Dynamic memory usage
00:26:32 – SigRed vulnerability
00:27:13 – Disassembly importance
00:27:46 – Machine code relation
00:28:01 – Vulnerable code snippets
00:28:35 – Size argument complexity
00:29:02 – DNS query role
00:29:56 – Memory allocation in DNS
00:30:49 – Heap overflow cause
00:31:53 – Server-side vulnerability
00:32:18 – Explanation compliments
00:32:21 – Mitigation discussion
00:34:10 – Checking ID
00:34:16 – UID & processes
00:34:32 – C arguments
00:35:00 – No args program check
00:35:46 – Calling vulnerable function
00:36:05 – Creating checkpw function
00:37:06 – Program overview
00:37:55 – Buffer overflow talk
00:38:27 – Program compiling
00:41:10 – Hex & Stack
00:41:18 – checkpw vulnerability
00:41:44 – Buffer size
00:42:29 – Buffer overflow demo
00:42:53 – Determining buffer size
00:44:06 – Return pointer exploit
00:45:03 – Authentication bypass
00:46:47 – Return-to-libc & DEP
00:47:16 – System function manipulation
00:47:45 – Memory address exploit
00:49:23 – Command execution
00:50:33 – ASLR & Exploitation
00:52:01 – Memory & Environment
00:53:48 – Return-to-libc talk

buffer
buffer overflow
buffer overflow attack
windows
linux
exploits

Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place on any websites.

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

#bufferoverflow #linux #windows
