Beginner Buffer Overflow - Exploiting Dup Scout Enterprise 10.0.18

Video Link: https://www.youtube.com/watch?v=tqkDQE9Lqrg





In this video, we go step-by-step through exploiting a stack buffer overflow in an old version of Dup Scout Enterprise.

The video covers:

✅ How to set up and install the vulnerable software.
✅ Using Burp Suite to fuzz web requests and uncover vulnerabilities.
✅ Analyzing crashes to overwrite the return address.
✅ Debugging the process with WinDbg to find exploitable flaws.
✅ Writing a Python exploit proof-of-concept to demonstrate the vulnerability.

This is a great beginner-friendly video for learning how to exploit Windows applications!

📖 Resources
Blogs I've written on basic Windows exploit development: https://www.jasonturley.xyz/blog/windows-exploit-development/nd...
Exploit code: https://gist.github.com/JasonTurley/999ca242c449784c22b097466ba39e9d/9...
Mona (exploit development tool): https://github.com/corelan/mona
WinDbglib: https://github.com/corelan/windbglib

Timestamps
00:00 Intro
02:56 Installing and running the vulnerable application
07:00 Fuzzing the username parameter
10:12 Analyzing the application crash
13:37 Finding offset to the return address
18:50 Examining the binary's security mitigations
20:48 Debugging this bad boy in WinDbg
34:38 Overwriting the return address with a jump instruction
42:15 Crafting shellcode
44:50 Troubleshooting exploit and questioning life choices
46:50 Fixing the exploit and winning at life