+ 5

I'm just starting to learn software exploitation (mostly binaries), can I get a few tips?

I don't want to be THAT girl, but the title does say it all. I've just started getting into program exploitation (I love it, so challenging!!), and I want to know I'm starting out on the right foot. I'm currently trying to do a stack overflow exploit on a basic scanf() program that I wrote on my x86_64 Linux Mint PC, using a NOP sled and shellcode and then overwriting the instruction pointer to go back and execute my code. I'm just wondering if that's a good start, and any other challenges I should consider.

18th Feb 2018, 6:48 PM
Joyce Levine
5 Answers
+ 14
I'd be interested to see a follow up post to learn how this works out for you!
18th Feb 2018, 11:54 PM
Charlie Mitchell
+ 4
That sounds great! Check out the LiveOverflow channel on YouTube. You might need to pause various times, but it's pretty good. For practice: OverTheWire is great to start!! Especially the 'narnia' series, that might be a perfect fit for you. picoCTF has many beginner challenges (some of them might be too basic, but it's good practice, and they get harder each level); and from level 3 they are not really easy anymore. If you have questions, you can DM me :)
18th Feb 2018, 8:14 PM
Chiliz
+ 2
Check out the Computerphile video on stack overflows if you are interested in it. Good demonstration of what is happening on the low level.
18th Feb 2018, 7:07 PM
Alex
+ 1
exploit wifi
28th Feb 2018, 6:56 PM
Aliasghartabarook