Welcome to Part 2 of the Exploit Research Megaprimer. Please begin this series by watching Part 1, if you have not already done so!
In this video, we will look at how to exploit a simple buffer overflow caused by misuse of the memcpy function. You can download the vulnerable server Server-Memcpy.exe and follow this video. I take you through a 30 minute journey which starts with bug discovery with a crash, analyzing the crash with Immunity Debugger, finding where the return address and ESP are overwritten using byte patterns created by pattern_create of the Metasploit framework, creating the payload, creating the exploit script and finally exploiting the vulnerable server! The grand prize is that we are able to get a remote shell on the victim over port 10000.
