Publisher : Nakerah Network
Course Language : Arabic
***Note***: For questions and practice exercises, please refer to Nakerah Network main website.
Buffer overflow attacks exploit vulnerabilities in an application due to mishandling of occurrences of data buffers being presented with more data than they were intended to hold. This course explains the basics needed to understand the criticality of buffer overflow vulnerabilities and how they could be exploited by attackers to take complete control of a remote system.
The course starts with simple introduction about computer main components/structure and how they components work together to do preliminary functions. Then we move to seeing these interactions in reality by inspecting simple application execution inside a debugger and how the debugger can help inspection different sections of computer memory.
After that we delve into functions and how do they get executed inside computer memory (stack) in addition to having a quick look into stack layout and architecture. This is followed by explaining fuzzing basics and how fuzzing could be used to trigger buffer overflow condition without having any visibility over the application source code. A popular fuzzer caller Spike is being used during this demonstration in addition to inspecting network traffic generated by Spike using Wireshark sniffer.
Once buffer overflow condition is triggered, a proper payload will be created that would overwrite EIP register to hijack application execution flow. After that, Metasploit (the popular exploitation framework) is used to generate shellcode that will be placed into computer memory to execute arbitrary commands of attacker's choice.