TryHackMe: Buffer Overflow Prep
Practice stack-based buffer overflows!
I did not use the RDP inside TryHackMe. Instead, I downloaded all the files needed on the machine and put them on my own Windows.
How To Transfer The Files?
First, upload our nc.exe to that machine, because I can't find nc on the machine:
certutil -urlcache -f http://<IP>/nc.exe c:\Users\admin\Desktop\nc.exe
Then I just use NC to transfer files. I don't know how to transfer a whole directory, so instead I just transfer each file inside the vulnerable-apps directory.
#On Our Machine
nc -l -p 1234 > oscp.exe
#On Target Machine
nc.exe -w 3 <IP> 1234 < vulnerable-apps\oscp\oscp.exe
Keep doing that and let’s do all of the OVERFLOW tasks :) I’m excited to learn BOF >.<
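nc does no integrity checking, and a stalled connection with -w 3 can leave a truncated copy, so each transferred file is worth comparing against the original. This is an added example, not part of the original write-up: run certutil -hashfile <file> SHA256 on the target, paste its output, and compare it with the SHA-256 of the local copy. The sample certutil output and file bytes are constructed, and the space-separated digest layout is an assumed format that the parser tolerates alongside the contiguous one.

```python
import hashlib
import re
import tempfile
from pathlib import Path


def parse_certutil_hash(output):
    """Return the lowercase SHA-256 digest found in `certutil -hashfile` output.

    Accepts a contiguous digest or one printed as space-separated byte pairs.
    """
    for line in output.splitlines():
        candidate = line.strip().replace(" ", "").lower()
        if re.fullmatch(r"[0-9a-f]{64}", candidate):
            return candidate
    raise ValueError("no SHA-256 digest found in certutil output")


def sha256_file(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with Path(path).open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_transfer(local_path, certutil_output):
    """True only if the local copy matches the digest reported on the target."""
    return sha256_file(local_path) == parse_certutil_hash(certutil_output)


def demo():
    """Constructed data: one complete copy and one truncated copy of the same bytes."""
    payload = b"MZ" + bytes(range(256)) * 8  # stand-in bytes, not the real oscp.exe
    digest = hashlib.sha256(payload).hexdigest()
    spaced = " ".join(digest[i:i + 2] for i in range(0, 64, 2))
    output = ("SHA256 hash of file oscp.exe:\n" + spaced +
              "\nCertUtil: -hashfile command completed successfully.\n")
    with tempfile.TemporaryDirectory() as tmp:
        good = Path(tmp) / "oscp.exe"
        good.write_bytes(payload)
        cut = Path(tmp) / "oscp_truncated.exe"
        cut.write_bytes(payload[:1000])  # simulates a transfer cut short
        return verify_transfer(good, output), verify_transfer(cut, output)


if __name__ == "__main__":
    print(demo())
```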
OVERFLOW #1
Okay, now we should run Immunity Debugger as Administrator and open oscp.exe.
Click the red play button, or go to Debug > Run. To check that the application is running, we can connect with nc to the target machine on port 1337.
nc <IP> 1337