Ethical Hacking | Buffer Overflow (Arabic)
4.3 (47 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
2,367 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Ethical Hacking | Buffer Overflow (Arabic) to your Wishlist.

Add to Wishlist

Ethical Hacking | Buffer Overflow (Arabic)

شرح مبسط لكيفية استغلال ثغرات Buffer Overflow
4.3 (47 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
2,367 students enrolled
Created by Nakerah Network
Last updated 4/2017
Arabic
Price: Free
Includes:
  • 2.5 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Basic buffer overflow fuzzing and exploitation
View Curriculum
Requirements
  • Passion
Description

Buffer overflow attacks exploit vulnerabilities in an application due to mishandling of occurrences of data buffers being presented with more data than they were intended to hold. This course explains the basics needed to understand the criticality of buffer overflow vulnerabilities and how they could be exploited by attackers to take complete control of a remote system.

The course starts with simple introduction about computer main components/structure and how they components work together to do preliminary functions. Then we move to seeing these interactions in reality by inspecting simple application execution inside a debugger and how the debugger can help inspection different sections of computer memory.

After that we delve into functions and how do they get executed inside computer memory (stack) in addition to having a quick look into stack layout and architecture. This is followed by explaining fuzzing basics and how fuzzing could be used to trigger buffer overflow condition without having any visibility over the application source code. A popular fuzzer caller Spike is being used during this demonstration in addition to inspecting network traffic generated by Spike using Wireshark sniffer.

Once buffer overflow condition is triggered, a proper payload will be created that would overwrite EIP register to hijack application execution flow. After that, Metasploit (the popular exploitation framework) is used to generate shellcode that will be placed into computer memory to execute arbitrary commands of attacker's choice.

Who is the target audience?
  • Anyone who wants to understand how buffer overlflow happens and how attackers utilize it to gain access to the vulnerable system
Students Who Viewed This Course Also Viewed
Curriculum For This Course
6 Lectures
02:32:48
+
Start Here
6 Lectures 02:32:48
How Computer Works ?
20:41

Quick look into Immunity Debugger
21:49

Stack Layout | How functions work ?
30:31

Fuzzing | Triggering buffer overflow condition
29:24

Overwriting EIP & hijacking execution flow
23:39

Shellcode generation & taking control of vulnerable system
26:44
About the Instructor
Nakerah Network
4.3 Average rating
47 Reviews
2,367 Students
1 Course
Volunteer @ Nakerah Network Community

10+ years of experience in cyber security field with both defensive and offensive exposure. Certified instructor for L|PT and C|EH and holding multiple certifications from GIAC/SANS & Offensive security.

Believes that no certification can assure the real experience of an individual and they are kind of indication and nothing more. In reality, most talented people hold no certification at all.

More information about the community can be found on the main website.