TryHackMe: OSCP Buffer Overflow Prep (OVERFLOW 1)
9 min read · Aug 15, 2024
Room link: https://www.tryhackme.com/room/bufferoverflowprep
Note: This room is Free
Definitions:
- EIP => The Extended Instruction Pointer (EIP) is the 32-bit register that holds the address of the next instruction the CPU will execute. A stack overflow takes control of execution by overwriting the saved copy of this value on the stack, so that the function returns to an address of the attacker's choosing.
- ESP => The Extended Stack Pointer (ESP) is the register that points to the current top of the stack; data is pushed onto and popped off the stack relative to it.
- JMP => The Jump (JMP) instruction redirects execution to the address given by its operand (for example, JMP ESP jumps to whatever address ESP currently holds).
- \x41, \x42, \x43 => The hexadecimal byte values for A, B and C. For this exercise there is no difference between writing them as hex escapes or as ASCII characters, since the same bytes are sent either way; hex is just my personal preference.
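To make the definitions concrete, the following is an added example (not code from the room or the original post) that models a 32-bit stack frame and shows why, after sending a long run of \x41 bytes, the debugger reports EIP as 41414141. It also includes a Metasploit-style cyclic pattern generator and offset lookup, which is the standard way to find how many bytes precede the saved EIP; the buffer size, saved-EBP slot and original frame values are assumptions chosen for illustration, and the real target's layout must be measured in the debugger.

```python
import string
import struct

BUF_SIZE = 64        # assumed size of the vulnerable local buffer
SAVED_EBP_SIZE = 4   # saved frame pointer sits between the buffer and the return address
EIP_OFFSET = BUF_SIZE + SAVED_EBP_SIZE   # bytes that land in the saved EIP start here


def msf_pattern(length: int) -> bytes:
    """Metasploit-style cyclic pattern (Aa0Aa1Aa2...).

    Every 4-byte window is unique within the first 20280 bytes, so the
    4 bytes that end up in EIP identify their own offset in the payload.
    """
    out = bytearray()
    for upper in string.ascii_uppercase:
        for lower in string.ascii_lowercase:
            for digit in string.digits:
                out += (upper + lower + digit).encode()
                if len(out) >= length:
                    return bytes(out[:length])
    return bytes(out[:length])


def simulate_frame(payload: bytes):
    """Copy payload into a fixed-size buffer with no bounds check (the bug) and
    return (buffer, saved_ebp, saved_eip) as they look after the copy.

    Models a frame of [buffer][saved EBP][saved EIP]; the pre-overflow
    EBP and return-address values are made up for illustration.
    """
    frame = bytearray(EIP_OFFSET + 4)
    frame[BUF_SIZE:BUF_SIZE + 4] = struct.pack("<I", 0x0019FF80)   # saved EBP (assumed)
    frame[EIP_OFFSET:EIP_OFFSET + 4] = struct.pack("<I", 0x00401234)  # return address (assumed)

    n = min(len(payload), len(frame))   # the copy ignores BUF_SIZE, only the model's size caps it
    frame[:n] = payload[:n]

    saved_ebp = struct.unpack("<I", frame[BUF_SIZE:BUF_SIZE + 4])[0]
    saved_eip = struct.unpack("<I", frame[EIP_OFFSET:EIP_OFFSET + 4])[0]
    return bytes(frame[:BUF_SIZE]), saved_ebp, saved_eip


def eip_offset_from_pattern(eip_value: int, pattern_length: int = 400) -> int:
    """Given the EIP value shown in the debugger after sending the cyclic pattern,
    return the offset of those bytes in the pattern (what msf-pattern_offset does).

    x86 is little-endian, so EIP 0x33634132 means the bytes b"2Ac3" were written
    at the return-address slot, lowest byte first.
    """
    needle = struct.pack("<I", eip_value)
    return msf_pattern(pattern_length).find(needle)


if __name__ == "__main__":
    # Step 1: a long run of A's (\x41) overwrites the saved EIP with 41414141.
    _, ebp, eip = simulate_frame(b"\x41" * 100)
    print(f"after 100 x \\x41: EBP={ebp:08x} EIP={eip:08x}")

    # Step 2: send a cyclic pattern instead, read EIP, and look up the offset.
    _, _, eip = simulate_frame(msf_pattern(400))
    print(f"after pattern: EIP={eip:08x} -> offset {eip_offset_from_pattern(eip)}")
```

The lookup returns the byte count that must precede the four bytes you want loaded into EIP; in the room this is the number later verified by sending that many A's followed by BBBB and checking that EIP reads 42424242.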
OVERFLOW #1
First, run Immunity Debugger as Administrator and open oscp.exe (File > Open).
The application is loaded into the debugger in the "Paused" state; click the red Play button on the toolbar (or press F9) to let it run.