β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Buffer Overflow Example :
> This is an example of a very bad coding practices
*** that introduces a buffer overflow.
2) The purpose of this code is to serve as a demonstration and exercise for [The Art of Hacking Series and live training..in site xy..
The
You can compile this code or use the already-compiled binary [here](https://github.com/The-Art-of-Hacking/h4cker/raw/master/buffer_overflow_example/vuln_program).
3) For 32 bit systems you can use [gcc](https://www.gnu.org/software/gcc/) as shown below:
For 64 bit systems
@UndercodeTesting
> git sources
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Buffer Overflow Example :
> This is an example of a very bad coding practices
*** that introduces a buffer overflow.
2) The purpose of this code is to serve as a demonstration and exercise for [The Art of Hacking Series and live training..in site xy..
#include <stdio.h>
void secretFunction()
{
printf("Omar's Crappy Function\n");
printf("This is a super secret function!\n");
}
void echo()
{
char buffer[20];
printf("Please enter your name:\n");
scanf("%s", buffer);
printf("You entered: %s\n", buffer);
}
int main()
{
echo();
return 0;
}
The
char buffer[20]; is a really bad idea. The rest will be demonstrated in the course.You can compile this code or use the already-compiled binary [here](https://github.com/The-Art-of-Hacking/h4cker/raw/master/buffer_overflow_example/vuln_program).
3) For 32 bit systems you can use [gcc](https://www.gnu.org/software/gcc/) as shown below:
gcc vuln.c -o vuln -fno-stack-protector
For 64 bit systems
gcc vuln.c -o vuln -fno-stack-protector -m32
-fno-stack-protector disabled the stack protection. Smashing the stack is now allowed. -m32 made sure that the compiled binary is 32 bit. You may need to install some additional libraries to compile 32 bit binaries on 64 bit machines.@UndercodeTesting
> git sources
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Bug Bounties :
- [Bug Bounties 101](https://whitton.io/articles/bug-bounties-101-getting-started/)
- [The life of a bug bounty hunter](http://www.alphr.com/features/378577/q-a-the-life-of-a-bug-bounty-hunter)
- [Awesome list of bugbounty cheatsheets](https://github.com/EdOverflow/bugbounty-cheatsheet)
- [Getting Started - Bug Bounty Hunter Methodology](https://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology)
- [How to Become a Successful Bug Bounty Hunter](https://hackerone.com/blog/what-great-hackers-share)
- [Researcher Resources - How to become a Bug Bounty Hunter](https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102)
> git sources
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Bug Bounties :
- [Bug Bounties 101](https://whitton.io/articles/bug-bounties-101-getting-started/)
- [The life of a bug bounty hunter](http://www.alphr.com/features/378577/q-a-the-life-of-a-bug-bounty-hunter)
- [Awesome list of bugbounty cheatsheets](https://github.com/EdOverflow/bugbounty-cheatsheet)
- [Getting Started - Bug Bounty Hunter Methodology](https://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology)
- [How to Become a Successful Bug Bounty Hunter](https://hackerone.com/blog/what-great-hackers-share)
- [Researcher Resources - How to become a Bug Bounty Hunter](https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102)
> git sources
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Jack
Bug Bounties 101 - Getting Started
Bug Bounty & Application Security
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#BUG BOUNTIES :
- [Awesome Bug Bounty Writeups](https://github.com/devanshbatham/Awesome-Bugbounty-Writeups)
## Bug Bounty Platforms
- [AntiHACK](https://www.antihack.me/)
- [Bounty Factory](https://bountyfactory.io/)
- [Bountysource](https://www.bountysource.com/)
- [BugbountyHQ](https://www.bugbountyhq.com/)
- [Bugbountyjp](https://bugbounty.jp/)
- [Bugcrowd](https://bugcrowd.com/)
- [CESPPA](https://www.cesppa.com/)
- [Cobalt](https://cobalt.io/)
- [Coder Bounty](http://www.coderbounty.com/)
- [Detectify](https://cs.detectify.com/)
- [FOSS Factory](http://www.fossfactory.org/)
- [FreedomSponsors](https://freedomsponsors.org/)
- [HackenProof](https://hackenproof.com/)
- [Hackerhive](https://hackerhive.io/)
- [HackerOne](https://hackerone.com/)
- [intigriti](https://intigriti.com/)
- [Safehats](https://safehats.com/)
- [Synack](https://www.synack.com/)
- [YesWeHack](https://yeswehack.com/)
@UndercodeTesting
> git sources
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#BUG BOUNTIES :
- [Awesome Bug Bounty Writeups](https://github.com/devanshbatham/Awesome-Bugbounty-Writeups)
## Bug Bounty Platforms
- [AntiHACK](https://www.antihack.me/)
- [Bounty Factory](https://bountyfactory.io/)
- [Bountysource](https://www.bountysource.com/)
- [BugbountyHQ](https://www.bugbountyhq.com/)
- [Bugbountyjp](https://bugbounty.jp/)
- [Bugcrowd](https://bugcrowd.com/)
- [CESPPA](https://www.cesppa.com/)
- [Cobalt](https://cobalt.io/)
- [Coder Bounty](http://www.coderbounty.com/)
- [Detectify](https://cs.detectify.com/)
- [FOSS Factory](http://www.fossfactory.org/)
- [FreedomSponsors](https://freedomsponsors.org/)
- [HackenProof](https://hackenproof.com/)
- [Hackerhive](https://hackerhive.io/)
- [HackerOne](https://hackerone.com/)
- [intigriti](https://intigriti.com/)
- [Safehats](https://safehats.com/)
- [Synack](https://www.synack.com/)
- [YesWeHack](https://yeswehack.com/)
@UndercodeTesting
> git sources
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - devanshbatham/Awesome-Bugbounty-Writeups: A curated list of bugbounty writeups (Bug type wise) , inspired from https:β¦
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference - devanshbatham/Awesome-Bugbounty-Writeups