Buffer overflow is a condition where a program attempts to write data beyond the allocated boundary of a buffer. This vulnerability can be exploited by an attacker to alter the program’s flow, potentially leading to arbitrary code execution.
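As an added illustration of the condition described above (example code, not part of the lab's own sources), the following C program places the unbounded `strcpy()` pattern next to a length-checked copy into the same fixed-size stack buffer; `BUF_SIZE`, the function names and the sample inputs are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16   /* constructed fixed-size stack buffer for the demo */

/* Vulnerable pattern: strcpy() copies until the NUL terminator and never
 * looks at the destination size, so input of BUF_SIZE bytes or more writes
 * past buf into whatever the compiler placed next to it on the stack
 * (saved frame pointer, return address). It is shown here for the bug;
 * nothing below calls it with oversized input. */
void copy_unbounded(const char *input) {
    char buf[BUF_SIZE];
    strcpy(buf, input);               /* no bound check: the overflow */
    printf("unbounded copy stored: %s\n", buf);
}

/* Bytes strcpy() would write past a buf_size buffer (0 if it fits). The
 * +1 is the terminating NUL, which is part of the write. */
size_t overflow_bytes(const char *input, size_t buf_size) {
    size_t needed = strlen(input) + 1;
    return needed > buf_size ? needed - buf_size : 0;
}

/* Hardened pattern: compare the length with the destination size first
 * and refuse oversized input instead of silently corrupting the stack.
 * Returns 0 on success, -1 when the input does not fit. */
int copy_bounded(char *dst, size_t dst_size, const char *src) {
    size_t n = strlen(src);
    if (n + 1 > dst_size)
        return -1;
    memcpy(dst, src, n + 1);          /* exactly n+1 bytes, never more */
    return 0;
}

/* Same fixed-size stack buffer as copy_unbounded(), but via the bounded
 * copy. Returns 0 if the input was stored, -1 if it was rejected. */
int store_checked(const char *input) {
    char buf[BUF_SIZE];
    return copy_bounded(buf, sizeof buf, input);
}

int main(void) {
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAA";  /* constructed: 24 bytes */
    printf("overflow by %zu bytes\n", overflow_bytes(too_long, BUF_SIZE));
    return store_checked(too_long) == -1 ? 0 : 1;   /* rejected -> exit 0 */
}
```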
The goal of this lab is to:
- Understand how buffer overflow vulnerabilities work.
- Gain practical experience in exploiting them.
- Analyze the effectiveness of various security countermeasures.
- Python
- Ubuntu 20.04 VM
- Windows 10 (21H2)
- Getting familiar with the shellcode
- Attack implementation:
  - Creating a malicious bad file
  - Using revised shellcode that defeats countermeasures in bash and dash
- Experimenting with:
  - Address randomization
  - Other countermeasures
- Guidelines on creating a reverse shell
Script | Description
---|---
./dc-build.sh | Builds the Docker images. Accepts one optional parameter (e.g., --no-cache).
./dc-up.sh | Starts the Docker containers in the foreground.
./dc-up-d.sh | Starts the Docker containers in the background.
./dc-stop.sh | Stops the Docker containers. Accepts one optional parameter.
./dc-down.sh | Stops and removes the Docker containers. Accepts one optional parameter.
./dc-unittest.sh | A utility script for running a specific unit test class.
In this lab, we are introduced to four servers, each running a program with a buffer-overflow vulnerability. The task involves:
- Exploiting the vulnerability to gain root access.
- Using a variety of techniques to craft and inject shellcode.
- Evaluating the effectiveness of security countermeasures.
- Developing exploitation schemes.
- Performing root-privilege escalations on the vulnerable servers.
- Analyzing and reporting on the effectiveness of:
  - Address randomization
  - Stack canaries
  - No-eXecute (NX) bit
  - Other OS-level defenses
💡 Note: This lab provides hands-on exposure to both offensive and defensive security practices. Ethical application and responsible usage of the knowledge gained are highly encouraged.