β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Buffer Overflow Example :
> This is an example of a very bad coding practices
*** that introduces a buffer overflow.
2) The purpose of this code is to serve as a demonstration and exercise for [The Art of Hacking Series and live training..in site xy..
The
You can compile this code or use the already-compiled binary [here](https://github.com/The-Art-of-Hacking/h4cker/raw/master/buffer_overflow_example/vuln_program).
3) For 32 bit systems you can use [gcc](https://www.gnu.org/software/gcc/) as shown below:
For 64 bit systems
@UndercodeTesting
> git sources
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Buffer Overflow Example :
> This is an example of a very bad coding practices
*** that introduces a buffer overflow.
2) The purpose of this code is to serve as a demonstration and exercise for [The Art of Hacking Series and live training..in site xy..
#include <stdio.h>
void secretFunction()
{
printf("Omar's Crappy Function\n");
printf("This is a super secret function!\n");
}
void echo()
{
char buffer[20];
printf("Please enter your name:\n");
scanf("%s", buffer);
printf("You entered: %s\n", buffer);
}
int main()
{
echo();
return 0;
}
The
char buffer[20]; is a really bad idea. The rest will be demonstrated in the course.You can compile this code or use the already-compiled binary [here](https://github.com/The-Art-of-Hacking/h4cker/raw/master/buffer_overflow_example/vuln_program).
3) For 32 bit systems you can use [gcc](https://www.gnu.org/software/gcc/) as shown below:
gcc vuln.c -o vuln -fno-stack-protector
For 64 bit systems
gcc vuln.c -o vuln -fno-stack-protector -m32
-fno-stack-protector disabled the stack protection. Smashing the stack is now allowed. -m32 made sure that the compiled binary is 32 bit. You may need to install some additional libraries to compile 32 bit binaries on 64 bit machines.@UndercodeTesting
> git sources
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Bug Bounties :
- [Bug Bounties 101](https://whitton.io/articles/bug-bounties-101-getting-started/)
- [The life of a bug bounty hunter](http://www.alphr.com/features/378577/q-a-the-life-of-a-bug-bounty-hunter)
- [Awesome list of bugbounty cheatsheets](https://github.com/EdOverflow/bugbounty-cheatsheet)
- [Getting Started - Bug Bounty Hunter Methodology](https://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology)
- [How to Become a Successful Bug Bounty Hunter](https://hackerone.com/blog/what-great-hackers-share)
- [Researcher Resources - How to become a Bug Bounty Hunter](https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102)
> git sources
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Bug Bounties :
- [Bug Bounties 101](https://whitton.io/articles/bug-bounties-101-getting-started/)
- [The life of a bug bounty hunter](http://www.alphr.com/features/378577/q-a-the-life-of-a-bug-bounty-hunter)
- [Awesome list of bugbounty cheatsheets](https://github.com/EdOverflow/bugbounty-cheatsheet)
- [Getting Started - Bug Bounty Hunter Methodology](https://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology)
- [How to Become a Successful Bug Bounty Hunter](https://hackerone.com/blog/what-great-hackers-share)
- [Researcher Resources - How to become a Bug Bounty Hunter](https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102)
> git sources
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Jack
Bug Bounties 101 - Getting Started
Bug Bounty & Application Security