Binary Hacking Course

Binary Hacking Playlist

A little bit of background why I created this channel and what you can expect.

Installing Ubuntu Linux in a VM and introduction to the command-line.

A fast introduction into programming with C.

Just a super quick introduction into python programming.

How a CPU works. An introduction to reading assembler instructions.

A very simple reversing challenge for Linux

Exploring and comparing some common tools and techniques for reversing binaries.

InfoSec clickbait title by BuzzSec!

Can programs be uncrackable? Let's try to find some anti-debugging tricks.

We will have a look at what syscalls are and what it has to do with the kernel mode an user mode. We do this by exploring a kernel function and trace it down to the assembler level.

Why hexadecimal is cool and how we can convert between number systems

This video introduces, how to connect to the VM with ssh and explains what setuid binaries are.

We will write our first Buffer Overflow for the stack0 level of

This video shows you how to take over control of a program with a buffer overflow

We write our first real exploit to get root access. Solving stack5 from with a simple Buffer Overflow and shellcode.

Solving stack6 from with the re2libc technique.

Learning how to reverse engineering programs written in C

Solving format1 from with a simple Format String vulnerability, exploited with %n.

In this video we will introduce how shared libraries like libc are used by C programs. Specifically we will look at the Global Offset Table and the Procedure Linkage Table.

In this episode we combine the last two videos. Format String + overwriting an entry of the Global Offset Table to solve format4 from

Introducing the heap by looking at what malloc() does.

We are solving heap1 from by exploiting a heap overflow.

Video walkthrough the dirtyc0w privilege escalation exploit. Exploiting a Kernel race-condition.

Solving heap2 from to learn about heap use-after-free (UAF) exploits

An introduction on how to abuse Heap metadata to redirect program execution.

An introduction on how to abuse Heap metadata to redirect program execution.

We will learn how to daemonize a process and see how a server handles connections

Before we continue with the network challenges, let's first introduce the TCP protocol properly. Using netcat and wireshark to understand it.

Solving network level 1 with socket programming in python.

Exploring exploit-exercises protostar final0 level, triggering a buffer overflow and analysing core dumps generated by a segfault signal.

Writing an exploit in python to solve final0 from exploit-exercises protostar.

Solving final1 from with a format string vulnerability because of syslog().

Celebrating the milestone of finishing by streaming level `final2`.

Had a little bit of fun using dirtycow local root exploit on a server from

Just some thoughts on binary exploitation. Not sure if it makes sense :D

We have a look at stack level 0 from and compile it on a current Ubuntu, to see if it's still exploitable.

In part 2 we have a closer look at stack0 on a modern system. We are trying to plan an exploit that works in case we can guess the stack cookie. We have to be a bit creative here.

Bruteforcing stack canary, stack guard, stack cookie with a C program.

This is about format0 from compiled on a modern Ubuntu system.

Last week I thought this level couldn't be exploited. It turns out there is a way!

This level turns out to be fairly easy when compiled on a modern Ubuntu. Finally :D

In this video we build an exploit for format4 on a modern Ubuntu. This means that we have to adapt it to 64bit.

The heap0 example is not affected by DEP or ASLR on Ubuntu 16.04, so it's super easy. But we use the opportunity to investigate another weird string that we found on the heap.

Search Tags