Travis' x86 Linux Buffer Overflow Tutorial Series

From JaxHax
Jump to navigation Jump to search

Overview

X86 linux bof intro image.png

Travis' x86 Linux Buffer Overflow Tutorial Series is a series created by Travis Phillips of hands-on tutorials designed to teach the basics of what buffer overflows (sometimes referred to as 'bof') are, basic detection and exploitation techniques, and bypassing ASLR and DEP using ROP and various other tricks.


Before You Get Started

Before you dive into this series you will want to ensure you have a machine that is designed to follow along with this series. This series was built on Debian 8 Jessie. The machine should be as follows:

  • Have a Linux system installed that can build and run x86 binaries.
  • Have the following tools installed:
    • GDB
    • file
    • GDB-PEDA
    • python pwntools
    • objdump
    • ltrace
    • strace
    • Have Metasploit installed.
      • msfvenom is good for building payloads for you if don't have shellcode on hand
      • pattern_create and pattern_offset shipped with Metasploit are useful for finding offsets.
    • Have GCC and standard c libraries installed (preferably the *-dbg versions, makes gdb friendlier).
    • checksec.sh
    • Optionally have NASM installed for building custom payloads.


Also C and ASM knowledge are a plus. I try to cover the source code a bit and explain what is going on. However, if you are having a hard time following it then you may want to take some time to brush up on it. There are some links on it back on the [InfoSec Training Links Page].


If you need a small primer on using gdb, please see my Debugging in Linux presentation notes for a quick crash course.


Using This Series

This series is done in lessons. These lessons will provide a download with the source code, binary, and README.

The page for the lesson will:

  • Provide a download link for the lesson's files
  • List the objective of the binary and what your take away should be
  • Show the Source Code
  • Breakdown the code and point out how it works and what's wrong with it.
  • Walk through of the detection of the bug through exploiting it.
  • Re-cap on what could have been done to fix the issue
  • Review and additional exercises


Lessons