Advanced Buffer Overflow Techniques

Advanced Buffer Overflow Techniques

Black Hat via YouTube Direct link

Call thru a Register

20 of 33

20 of 33

Call thru a Register

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Advanced Buffer Overflow Techniques

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Attack Theory
  3. 3 Entry -vs- Effect
  4. 4 Injection Vector
  5. 5 Injector/Payload Pairs
  6. 6 Types of Injection
  7. 7 Who writes Injector Code?
  8. 8 How hard can it hit?
  9. 9 Buffer Overflow Injection
  10. 10 Challenges
  11. 11 Stack Injection
  12. 12 Address Housekeeping
  13. 13 Stack Overflow
  14. 14 Little and Big Endian
  15. 15 Where to put the payload
  16. 16 Confined Payload
  17. 17 Using more stack for payload
  18. 18 Large payload, Lowland address
  19. 19 A register points to the stack
  20. 20 Call thru a Register
  21. 21 Push a register then return
  22. 22 NOP Sled
  23. 23 Trespassing the HEAP
  24. 24 Overwrite the VTABLE
  25. 25 Overwrite VTABLE
  26. 26 Getting Bearings
  27. 27 XOR Protection
  28. 28 XOR again to decode
  29. 29 Hardcoded Function Calls
  30. 30 Pros/Cons to hard coding
  31. 31 Dynamic Function Loading
  32. 32 HASH Loading
  33. 33 Check CRC's

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.