OSCP Resources – Buffer Overflow

Buffer Overflow forms a huge part of the OSCP syllabus and exam. It is therefore imperative that you know the tools and the BOF process like the back of your hand if you wish to score easy points during the exam.

Whilst the OSCP lab guide is sufficient for you to grasp an understanding of BOF and the exploitation process, there are some parts which I felt did not fully explain the rationale behind each step. This may have changed with the latest update to the OSCP syllabus.

Here are some useful BOF resources that I have found during my research to complement what was covered in the OSCP lab guide.

The 2 links below are useful if you wish to deep dive into the types and purpose of each CPU register. WARNING: DRY CONTENT!!

https://www.tutorialspoint.com/assembly_programming/assembly_registers.htm

http://flint.cs.yale.edu/cs421/papers/x86-asm/asm.html

More step-by-step Buffer Overflow walkthroughs, if you feel you need to see BOF being performed from another perspective.

The following 2 Buffer Overflow whitepapers, superbly written by SANS, can be used in conjunction with the OSCP lab manual.

https://www.sans.org/reading-room/whitepapers/threats/buffer-overflows-dummies-481

https://www.sans.org/reading-room/whitepapers/securecode/buffer-overflow-attack-mechanism-method-prevention-386

This one from Justin Steven is just as good, because he also includes his own custom vulnerable Windows application for you to practice on.

https://github.com/justinsteven/dostackbufferoverflowgood

Lastly, a buffer overflow tutorial that does not use SLMail. This tutorial from corelan, like the one from Justin Steven, is very detailed in its explanation and process. Well worth a thorough read.

https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

That’s all I have for today. Stay tuned for more OSCP preparation resources.
