Format String Vulnerabilities
Format String Vulnerabilities
.MP4, AVC, 1280x720, 30 fps | English, AAC, 2 Ch | 1h 16m | 493 MB
Instructor: Srinivas
.MP4, AVC, 1280x720, 30 fps | English, AAC, 2 Ch | 1h 16m | 493 MB
Instructor: Srinivas
Learn Format String Vulnerabilities the right way to crack CTFs and the toughest certification exams out there
What you'll learn
Students will learn practical format string vulnerability concepts for x64 processors
Students will learn how to leak memory addresses using format string vulnerabilities on Linux for x64 processors
Students will learn how to bypass stack canaries on Linux for x64 processors
Students will learn advanced Linux Binary Exploitation concepts
Students will learn how to use pwntools binary exploitation framework
Requirements
A computer with administrative access, if you want to follow the hands-on exercises.
It is good to have knowledge basic on exploit development
Description
This course teaches exploit development concepts for Linux (x86_64) and it is specifically focused on format string vulnerabilities. This course begins by introducing students to the format string concepts on Linux x86_64 platform (though the concepts remain the same on other architectures too). We will slowly gear towards understanding how format string vulnerabilities can be leveraged to exploit other vulnerabilities such as Buffer Overflows. This is clearly taught in the course by showing various practical examples such as bypassing stack canaries and bypassing ASLR. This is an entry level to intermediate level course and we encourage you to take this course if you are interested to learn exploit development concepts surrounding format string vulnerabilities and memory leaks specifically for 64 bit intel processors. However, remember that the course involves a lot of assembly language and debugging using a debugger. So, you need patience and passion to learn the concepts taught in the course. This course makes use of a variety of techniques on exploit development and brace yourself if you are willing to learn by sitting in front of a computer. After successfully completing this course, you will be ready to attempt several industry leading practical cyber security certification exams.
Who this course is for:
Bug bounty hunters
CTF Players
Penetration testers
Security Auditors
Red Team Operators
Anyone interested in security.
Format String Vulnerabilities
