From the course: Kali Linux for Advanced Pen Testing and Ethical Hacking
Join today to access over 24,700 courses taught by industry experts.
Exploiting with C - Linux Tutorial
From the course: Kali Linux for Advanced Pen Testing and Ethical Hacking
Exploiting with C
- [Instructor] One of the more common languages for exploits is C. Let's take a look at the 2021 Baron Samedit exploit, which enables privilege escalation. We'll download this from Github. Git clone https github.com 1N53C CVE-2021-3156-POC.git. Then we'll clone into samedit. And we'll go into samedit. And we can see we have two C files, hax.C and lib.C Let's take a look at hax.C. If we scroll down, we can see the versions of Linux which have been tested against. And a little further down, we can see the usage details. Below that, we can see that the exploit is setting up a couple of smash arrays to overflow memory when doing a pseudo edit call. And if successful will then pop a shell. Okay, this comes with a make file, so let's check it out. Nano Makefile. This is doing a straightforward GCC compilation, but let's change the output file name to samedit to make it a bit simpler. Okay. Now let's make it.…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
