From the course: Certified Ethical Hacker (CEH)
Join today to access over 24,700 courses taught by industry experts.
Exploiting buffer overflows and creating payloads
From the course: Certified Ethical Hacker (CEH)
Exploiting buffer overflows and creating payloads
“
in a system. It can lead to a denial of service condition because a program can crash or the whole device can crash, right? This is something that has been very popular running of course HTTP, HTTPS or let's say a Cisco router running OSPF, BGP, and many other applications, right? Again, nothing is immune to this regardless of the vendor, regardless of the technology, you know, whether it's a Windows machine, a Linux box, Mac OS X and so on. I have a couple of examples of buffer overflows under my GitHub repository. So if you have a WebSploit, you already have a copy of my GitHub repository and that is under the h4cker directory, and if you go under the buffer_overflow_example, you basically see a few files in here. Now, I have a program that you have the source code, and it's also compiled here, and first, let me show you the source code of that program, and if you go to bad_code.c, and I'm just going to open that right now here, you don't have to be a programmer to actually know…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Watch this course anytime, anywhere.
Get started with a free trial today.
Contents
-
-
(Locked)
Module 1: Information security, cybersecurity, and ethical hacking overview introduction1m 9s
-
(Locked)
Learning objectives45s
-
(Locked)
Introducing information security and cybersecurity2m 17s
-
(Locked)
Understanding the cyber kill chain and hacking concepts7m 33s
-
Surveying ethical hacking methodologies11m 38s
-
(Locked)
Understanding information security controls3m 3s
-
(Locked)
Understanding security laws and standards3m 32s
-
(Locked)
Planning and scoping a penetration testing assessment5m 9s
-
(Locked)
Building your own hacking lab with WebSploit Labs8m 43s
-
(Locked)
-
-
(Locked)
Module 2: Reconnaissance techniques introduction1m 31s
-
(Locked)
Learning objectives1m 25s
-
(Locked)
Understanding information gathering and vulnerability identification2m 27s
-
Introducing open source intelligence (OSINT) techniques14m 39s
-
(Locked)
Exploring footprinting methodologies3m 12s
-
(Locked)
Utilizing search engines for footprinting5m 26s
-
(Locked)
Footprinting web services3m 55s
-
(Locked)
Exploiting social networking sites for footprinting1m 20s
-
(Locked)
Surveying password dumps, file metadata, and public source-code repositories10m 53s
-
(Locked)
Using whois for footprinting4m 27s
-
(Locked)
Implementing DNS footprinting3m
-
(Locked)
Executing network footprinting4m 45s
-
(Locked)
Applying social engineering for footprinting3m 39s
-
(Locked)
Introducing Shodan, Maltego, Amass, Recon-ng, and other recon tools17m 34s
-
(Locked)
Identifying cloud vs. self-hosted assets7m 13s
-
(Locked)
-
-
(Locked)
Learning objectives35s
-
(Locked)
Surveying network scanning concepts6m 35s
-
(Locked)
Exploiting scanning tools24m 33s
-
(Locked)
Understanding host discovery8m 40s
-
Performing website and web application reconnaissance10m 22s
-
(Locked)
Performing OS discovery: Banner grabbing and OS fingerprinting6m 8s
-
(Locked)
Scanning beyond IDS and firewall12m 13s
-
(Locked)
Creating network diagrams2m 30s
-
(Locked)
Discovering cloud assets7m 2s
-
(Locked)
Crafting packets with Scapy to perform reconnaissance5m 48s
-
(Locked)
-
-
(Locked)
Learning objectives20s
-
(Locked)
Introducing enumeration techniques1m 44s
-
(Locked)
Performing NetBIOS enumeration2m 9s
-
(Locked)
Performing SNMP enumeration4m 39s
-
(Locked)
Performing LDAP enumeration1m 51s
-
(Locked)
Performing NTP and NFS enumeration3m 34s
-
(Locked)
Performing SMTP and DNS enumeration3m 51s
-
Conducting additional enumeration techniques7m 40s
-
(Locked)
Surveying enumeration countermeasures3m 4s
-
(Locked)
-
-
(Locked)
Module 3: System hacking phases and attack techniques introduction1m 27s
-
(Locked)
Learning objectives30s
-
(Locked)
Understanding vulnerability assessment concepts4m 14s
-
(Locked)
Classifying and assessing vulnerability types3m 5s
-
(Locked)
Utilizing vulnerability assessment tools3m 3s
-
(Locked)
Generating vulnerability assessment reports2m 22s
-
(Locked)
-
-
(Locked)
Learning objectives58s
-
(Locked)
Understanding system hacking concepts1m 45s
-
(Locked)
Gaining system access2m 34s
-
(Locked)
Cracking passwords5m 9s
-
Exploiting known and zero-day vulnerabilities7m 28s
-
(Locked)
Escalating privileges6m 9s
-
(Locked)
Maintaining access, command and control, and exfiltration7m 54s
-
(Locked)
Executing applications8m 59s
-
(Locked)
Hiding files6m 31s
-
(Locked)
Clearing logs4m 26s
-
(Locked)
Performing on-path attacks5m 43s
-
(Locked)
Introduction to lateral movement and exfiltration3m 32s
-
(Locked)
Understanding post-engagement cleanup4m 22s
-
(Locked)
-
-
(Locked)
Learning objectives38s
-
(Locked)
Understanding malware concepts2m 40s
-
(Locked)
Comprehending APT concepts2m 23s
-
(Locked)
Grasping trojan concepts4m 12s
-
(Locked)
Exploring virus and worm concepts2m 21s
-
Examining fileless malware and living off the land techniques4m 52s
-
(Locked)
Analyzing malware5m 3s
-
(Locked)
Implementing malware countermeasures4m
-
(Locked)
-
-
(Locked)
Module 4: Network and perimeter hacking introduction39s
-
(Locked)
Learning objectives28s
-
Introducing sniffing concepts12m 27s
-
(Locked)
Performing MAC attacks3m 41s
-
(Locked)
Conducting DHCP attacks5m 6s
-
(Locked)
Performing ARP poisoning4m 39s
-
(Locked)
Performing spoofing attacks5m 56s
-
(Locked)
Performing DNS poisoning4m 54s
-
(Locked)
Surveying sniffing tools1m 26s
-
(Locked)
Exploring sniffing countermeasures and detection techniques4m 22s
-
(Locked)
-
-
(Locked)
Learning objectives35s
-
(Locked)
Introducing social engineering concepts and techniques3m 58s
-
Understanding the insider threat5m 26s
-
(Locked)
Impersonation on social networking sites4m 49s
-
(Locked)
Understanding identity theft3m 41s
-
(Locked)
Understanding social engineering countermeasures3m 38s
-
(Locked)
-
-
(Locked)
Learning objectives30s
-
Introducing DoS/DDoS concepts and attack techniques7m 19s
-
(Locked)
Defining what botnets are3m 2s
-
(Locked)
Exploring DDoS case studies2m 32s
-
(Locked)
Surveying DoS/DDoS attack tools2m 42s
-
(Locked)
Understanding DoS/DDoS countermeasures and protection tools8m 33s
-
(Locked)
-
-
(Locked)
Learning objectives30s
-
(Locked)
Introducing session hijacking concepts5m 31s
-
(Locked)
Performing application level session hijacking5m 26s
-
(Locked)
Understanding network level session hijacking6m 13s
-
(Locked)
Surveying session hijacking tools2m 21s
-
(Locked)
Understanding session hijacking countermeasures3m 18s
-
(Locked)
-
-
(Locked)
Learning objectives1m 5s
-
(Locked)
Introducing IDS, IPS, firewall, and honeypot concepts5m 41s
-
(Locked)
Exploring IDS, IPS, firewall, and honeypot solutions9m 14s
-
(Locked)
Evading IDS and firewalls6m 45s
-
(Locked)
Surveying IDS and firewall evading tools4m 14s
-
(Locked)
Detecting honeypots and sandboxes5m 2s
-
(Locked)
Understanding IDS and firewall evasion countermeasures4m 48s
-
(Locked)
-
-
(Locked)
Module 5: Web application hacking introduction33s
-
(Locked)
Learning objectives29s
-
(Locked)
Introducing web server concepts8m 3s
-
(Locked)
Exploring web server attacks8m 30s
-
(Locked)
Surveying web server attack methodologies9m 34s
-
(Locked)
Understanding web server countermeasures7m 23s
-
(Locked)
Understanding patch management13m 5s
-
(Locked)
-
-
(Locked)
Learning objectives1m 26s
-
(Locked)
Understanding web app concepts and identifying web app threats2m 35s
-
(Locked)
Exploring the OWASP Top 10 for web applications6m 17s
-
(Locked)
Applying web app hacking methodologies and footprinting web infrastructure4m 59s
-
(Locked)
Analyzing web applications and bypassing client-side controls7m 43s
-
(Locked)
Attacking authentication mechanisms2m 7s
-
(Locked)
Attacking session management mechanisms4m 30s
-
(Locked)
Exploiting authorization schemes and access controls flaws16m 14s
-
(Locked)
Exploiting cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities16m 47s
-
(Locked)
Understanding server-side request forgery (SSRF) vulnerabilities10m 6s
-
(Locked)
Exploiting buffer overflows and creating payloads24m 4s
-
(Locked)
Attacking application logic flaws and shared environments5m 8s
-
(Locked)
Attacking database connectivity and web app clients4m 8s
-
(Locked)
Attacking web services, exploiting web APIs, webhooks, and web shells11m 22s
-
(Locked)
Ensuring web app security2m 39s
-
(Locked)
-
-
(Locked)
Learning objectives39s
-
(Locked)
Introducing SQL injection concepts23m 2s
-
(Locked)
Understanding the types of SQL injection8m 9s
-
(Locked)
Exploring the SQL injection methodologies10m 36s
-
(Locked)
Exploring SQL injection tools13m 4s
-
(Locked)
Exploring SQL injection evasion techniques3m 39s
-
(Locked)
Understanding SQL injection countermeasures3m 12s
-
(Locked)
-
-
(Locked)
Module 6: Wireless, mobile, IoT, and OT hacking introduction1m 9s
-
(Locked)
Learning objectives27s
-
(Locked)
Introducing wireless concepts5m 52s
-
(Locked)
Understanding wireless encryption6m 37s
-
(Locked)
Exploring wireless threats16m 54s
-
(Locked)
Understanding wireless hacking methodologies3m 3s
-
(Locked)
Surveying wireless hacking tools5m 11s
-
(Locked)
Hacking Bluetooth2m 42s
-
(Locked)
Introducing wireless countermeasure1m 55s
-
(Locked)
Exploring wireless security tools2m 11s
-
(Locked)
-
-
(Locked)
Learning objectives38s
-
(Locked)
Understanding IoT concepts7m 7s
-
(Locked)
Surveying IoT hacking methodologies and IoT hacking tools8m 30s
-
(Locked)
Implementing IoT attack countermeasures2m 21s
-
(Locked)
Introducing OT, ICS, and SCADA concepts and attacks7m 13s
-
(Locked)
Implementing OT attack countermeasures2m 13s
-
(Locked)
-
-
(Locked)
Module 7: Cloud computing and cryptography introduction1m 30s
-
(Locked)
Learning objectives59s
-
(Locked)
Understanding cloud computing concepts4m 32s
-
(Locked)
Exploring container technology and Kubernetes9m 29s
-
(Locked)
Leveraging serverless computing4m 5s
-
(Locked)
Identifying cloud computing threats6m 7s
-
(Locked)
Conducting cloud hacking5m 58s
-
(Locked)
Ensuring cloud security4m 10s
-
(Locked)
Surveying patch management in the cloud13m 54s
-
(Locked)
Introducing DevSecOps3m 41s
-
(Locked)
Securing code, applications, and building DevSecOps pipelines7m 30s
-
(Locked)
-
-
(Locked)
Learning objectives51s
-
(Locked)
Introducing cryptography and cryptanalysis2m 52s
-
(Locked)
Understanding the different encryption algorithms and post-quantum cryptography9m 54s
-
(Locked)
Describing hashing algorithms2m 50s
-
(Locked)
Understanding public key infrastructure (PKI)1m 37s
-
(Locked)
Understanding email encryption5m 1s
-
(Locked)
Understanding disk encryption3m 19s
-
(Locked)
Introducing certificate authorities (CAs) and certificate enrollment8m 11s
-
(Locked)
Surveying SSL and TLS implementations5m 53s
-
(Locked)
Surveying IPsec implementations and modern VPN implementations5m 42s
-
(Locked)
-
-
(Locked)
Module 8: Securing generative AI introduction1m 44s
-
(Locked)
Learning objectives1m 12s
-
(Locked)
Understanding the significance of LLMs in the AI landscape7m 6s
-
(Locked)
Exploring the resources for this course: GitHub repositories and others2m 54s
-
(Locked)
Introducing retrieval augmented generation (RAG)12m 24s
-
(Locked)
Understanding the OWASP Top 10 risks for LLMs5m 46s
-
(Locked)
Exploring the MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems) framework5m 38s
-
(Locked)
Understanding the NIST taxonomy and terminology of attacks and mitigations7m 8s
-
(Locked)
-
-
(Locked)
Learning objectives55s
-
(Locked)
Defining prompt injection attacks11m 41s
-
(Locked)
Exploring real-life prompt injection attacks3m 57s
-
(Locked)
Using ChatML for OpenAI API calls to indicate to the LLM the source of prompt input10m 4s
-
(Locked)
Enforcing privilege control on LLM access to back-end systems6m 10s
-
(Locked)
Best practices around API tokens for plugins, data access, and function-level permissions3m 2s
-
(Locked)
Understanding insecure output handling attacks3m 22s
-
(Locked)
Using the OWASP ASVS to protect against insecure output handling4m 43s
-
(Locked)
-
-
(Locked)
Learning objectives39s
-
(Locked)
Understanding training data poisoning attacks4m 26s
-
(Locked)
Exploring model denial of service attacks3m 11s
-
(Locked)
Understanding the risks of the AI and ML supply chain8m 33s
-
(Locked)
Best practices when using open-source models from Hugging Face and other sources12m 45s
-
(Locked)
Securing Amazon Bedrock, SageMaker, Microsoft Azure AI services, and other environments16m 5s
-
(Locked)