Buffer overflow & Ruby

Hi Everyone!

I hope you are all doing well and staying safe. Another week gone! Time really does fly when you are studying for an exam.. So with UK increasing the “lockdown” by another 3 weeks, I got 3 more weeks to really knuckle down and feed my brain with as much knowledge as possible! I am starting to think about dates now for the exam, I think I should set myself a target date and work towards it. However I also feel that maybe I should just do the exam whenever I feel ready.. quite confused to be honest!

What have I done in the last week?

Initial plan was to do all the labs again using my spreadsheet. Then I thought NO! I cant keep ignoring Buffer Overflow. Now, I spoke to a few people who are in similar situation to me regarding prepping for the exam. You can really feel the conversation change when we talk about buffer overflow, its not really easy to understand. Anyway, whilst I was catching up with a fellow PTP student, he informed me that if you have the Elite version (Which I do) the ruby section is excellent for buffer overflow. I can confirm.. HE IS RIGHT!

Ruby

So I studied the ruby section for about 3/4 days, I really struggled with understanding the language at first. I guess I just prefer python.. not that I am a pro at it or anything. It did become easier over time though! So yeah, ELS kind of gives you more examples of buffer overflow in the ruby section as well as a lab focused on using ruby for buffer overflow (there are a few goodies for you too, which can be pretty useful during the exam.. i hope). Yeah I am definitely glad I got the elite version now!

Buffer overflow

Apart from the ruby section, I also watched/followed the cyber mentor’s series on buffer flow, in the series he dedicates one episode per step that you need to do to exploit buffer overflow on vulnserver. I found it really helpful! I set up a windows VM, downloaded immunity debugger, downloaded the resources from PTP material and I also did the original buffer overflow exploit from the PTP learning material. In total, I did 3 different exploits and I really do feel much more comfortable. I think I built it up in my head and made it seem much more difficult then it actually was. If anyone else is making the same mistake as me then I suggest stop running from it and tackle it! You will be fine!

Once I overcame my buffer overflow fear, it was studying as usual. I am going through the labs again (I have done about 10 in total now). My spreadsheet is definitely helping me, I am not relying on lab solutions at all now. I just need to get confident and believe in my spreadsheet, there have been moments where I have doubted myself and double checked with solutions. Apart from that I am tweaking my spreadsheet, adding stuff to it and making it clearer to follow.

Upcoming Week

The month of Ramadan is coming up, which means I will be fasting for a month. I don’t think it will distract me from studying, I may lose focus at times but I am sure I can manage by taking a few more breaks. The plan is just to carry on as usual, keep doing the labs. I am growing in confidence with each lab and as I mentioned before, I find myself thinking about exam dates a lot. 2 weeks from now sounds reasonable depending on how I feel whilst fasting. I am fairly confident that I can finish the labs again within 2 week and then go over a few labs again such as pivoting etc. Its not set in stone but I like to work towards something!

Thank you all for reading my blogs, it really means a lot to me. Thank you to all the people that are contacting me. I love talking to you all, you guys really help me and motivate me too! Also thank you to all those that are sharing their resources with me. Keep it up my friends, keep studying and stay safe. Get in touch with me if you are studying towards eCPPT and want to discuss anything related to the study materials or exam. Lets do this!

Please follow and like!

Leave a Reply

Your email address will not be published. Required fields are marked *