If you are preparing for the OSCP exam or simply want to learn more about buffer overflows, this repo is for you! It follows the 7 steps by "The Cyber Mentor" with links to his videos and the modified code I wrote.
- A Windows 10 desktop. Download a virtual machine here
- Vulnerable software: Vulnserver. Download the repo into a new folder.
- Kali Linux or any other OS for offensive work. Download Kali's virtual image here
- A debugger: Immunity Debugger. Download it here. (You will need to register at the link, so be creative.)
Before we start, you will need to do the following:
- Temporarily disable Windows Defender Real-time protection. Confused? Info here
- Go to the saved Vulnserver folder and run the exe as admin.
- Run Immunity as admin.
Follow each of the 7 steps by first clicking the link to watch "The Cyber Mentor" tutorial and then using the modified code I wrote on your network:
Folder Name | Video Link |
---|---|
Spiking | Video |
Fuzzing | Video |
Find_EIP | Video |
Overwrite_EIP | Video |
Bad_chars | Video |
Right_Module | Video |
Exploit | Video |
Please note the scripts were modified to work with Python 3 and some of them were enhanced to fix common bugs.
This repo was created while watching the "Buffer Overflows Made Easy" Masterclass by "The Cyber Mentor". I want to thank him for putting out these videos. You can watch them as videos or read them as a doc.
To learn more about the changes in the code, I highly recommend reading Justin Steven's dostackbufferoverflowgood. I also want to thank him for putting this amazing tutorial out there, and for answering some questions.
The code is licensed under the MIT License.