Channel: LiveOverflow
Category: Education
Tags: how to hackexploit tutoriallive overflowhacking tutorialliveoverflow
Description: WE CREATED OUR FIRST EXPLOIT! In this video we were able to control the loading of a malicious library. This can be used to execute our own code as root! But it only works when executing it as root; Executing it as a regular user doesn't work... Grab the files: github.com/LiveOverflow/pwnedit dlopen man page: man7.org/linux/man-pages/man3/dlopen.3.html Complete playlist: studio.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/playlists Episode 15: 00:00 - Intro 00:27 - Recap of Library Loading Exploit Idea 01:45 - Debug a Different Crash 02:28 - Can We Reach dlopen? 03:37 - Using Patterns to find Offsets 05:05 - Writing NULL bytes 05:54 - Create Execution Wrapper sudoenv 07:52 - Debugging the Debug Script 09:00 - Controlling The ni Struct 10:18 - Single Step Exploit Code 11:33 - Create Attack Shared Library 12:17 - First Successful Exploit? 12:58 - Doesn't Work for User 13:16 - Outro -=[ ā¤ļø Support ]=- ā per Video: patreon.com/join/liveoverflow ā per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ š Social ]=- ā Twitter: twitter.com/LiveOverflow ā Instagram: instagram.com/LiveOverflow ā Blog: liveoverflow.com ā Subreddit: reddit.com/r/LiveOverflow ā Facebook: facebook.com/LiveOverflow