ISAC Cambodia (InfoSec)
Video

EXPLOIT RESEARCH MEGAPRIMER PART 2 MEMCPY BUFFER OVERFLOW

Welcome to Part 2 of the Exploit Research Megaprimer. Please begin this series by watching Part 1, if you have not already done so!

In this video, we will look at how to exploit a simple buffer overflow caused by misuse of the memcpy function. You can download the vulnerable server Server-Memcpy.exe and follow this video. I take you through a 30 minute journey which starts with bug discovery with a crash, analyzing the crash with Immunity Debugger, finding where the return address and ESP are overwritten using byte patterns created by pattern_create of the Metasploit framework, creating the payload, creating the exploit script and finally exploiting the vulnerable server! The grand prize is that we are able to get a remote shell on the victim over port 10000.

Show More

Phannarith

Mr. OU Phannarith is one of the well-known cybersecurity experts in Cambodia and the region. He is the founder of the first leading information security website (www.secudemy.com) in Cambodia. He has been invited to present in global conferences, forums, and seminars and he was awarded in Information Security Leadership Achievements (ISLA) in 2016 by (ISC)2 and in December 2012 as one of the top 10 Chief Information Security Officers (CISO) in ASEAN by the International Data Group (IDG). Mr. OU has been the Professor specializing in Cybersecurity.

Related Articles

Back to top button