Buffer Overflow Primer Part 5 (Shellcode for Execve)

Welcome to Part 5 of the Buffer Overflow Primer. If you have not already done so, please start this series by viewing Part 1. The Buffer Overflow Primer requires that you know at least some basic Assembly Language. I have created a series of Assembly Language video tutorials for Hackers here, for those not familiar with the language.

In this video we will learn how to convert the shellcode created in the previous video to a more usable format. It is important to note that the shellcode in the previous video cannot be used as-is becuase it contains NULLs and hardcoded addresses. Thus we need to convert it into something which can be injected into a buffer - i.e. we need to remove the NULLs and setup relative addressing. This video will show how we can replace the NULLs in the shellcode with instructions which results in non-NULL shellcode. Also, we discuss in detail how we can setup relative addressing within the shellcode and modify it at runtime to make it work. This is probably the most important video in the series, if one wants to understand the shellcode generation process completely.

Please download ExecveShellCode.s and ShellCode.c before you view this video.

Related Videos from: Buffer Overflow Primer Series


Buffer Overflow Primer Part 1 (Smashing the Stack)	Buffer Overflow Primer Part 2 (Writing Exit Shellcode)	Buffer Overflow Primer Part 3 (Executing Shellcode)	Buffer Overflow Primer Part 4 (Disassembling Execve)	You are Viewing this Video Now!
17835 views	5492 views	5631 views	4534 views	4394 views

Author