Buffer Overflow Exploitation with Immunity Debugger | TryHackMe Buffer Overflow

We covered the first part of buffer overflow training using the TryHackMe Buffer Overflow room, which is part of the OSCP pathway. In this part, we used Immunity Debugger to debug and analyze executable binaries in order to discover buffer overflow vulnerabilities.

TryHackMe Buffer Overflow Prep: https://tryhackme.com/r/room/bufferov...
Writeup: https://motasem-notes.net/buffer-over...

0:00 - Introduction to Buffer Overflow Preparation
0:09 - Overview of Buffer Overflow Challenge on TryHackMe
0:37 - Deploying and Connecting to the Virtual Machine
1:03 - Opening Immunity Debugger and Vulnerable Application
1:30 - Understanding Buffer Overflow and Initial Setup
2:04 - Exploring the Application in Immunity Debugger
3:01 - Starting Fuzzing Process to Find Crash Point
4:00 - Creating and Running Fuzzing Script
5:30 - Determining Crash Point at 2000 Bytes
6:30 - Generating Pattern to Identify EIP Overwrite
8:04 - Creating Offset Pattern for EIP
9:05 - Running Exploit with Offset Pattern
9:55 - Confirming EIP Overwrite and Identifying Offset
11:08 - Adjusting Exploit for Correct Offset Value
12:35 - Restarting Application and Testing Offset
13:45 - Overwriting EIP with Controlled Value
15:00 - Identifying Bad Characters in the Payload
16:20 - Eliminating Bad Characters from Payload
17:55 - Using Mona to Analyze Bad Characters
19:10 - Finalizing Bad Character List
21:35 - Selecting Return Address and Preparing Payload
23:09 - Generating Exploit Code with MSFVenom
24:35 - Setting Up NOP Sled for Payload Execution
26:00 - Running Final Exploit and Receiving Reverse Shell
27:37 - Conclusion and Summary of Buffer Overflow Process