Share
## https://sploitus.com/exploit?id=12ABD7B2-CA54-5E16-BC07-5FAF1D40C8ED
# Buffer Overflow Exploit in Ruby

## Overview
This project was completed for my Programming for Penetration Testing course. The goal of this project was to script an exploit for a buffer overflow vulnerability in a simple server program running on the Break-in Box VM.

The project included two versions of the exploit. The first version was a plain Ruby script using sockets, and the second version was a Metasploit module based on a Metasploit template.

## Tools Used
- Kali Linux
- Ruby
- GDB
- Metasploit
- msfvenom
- Netcat
- Break-in Box VM
- Linux terminal

## How It Works
The Ruby exploit connects to the vulnerable server program over TCP and sends crafted input to overflow the buffer. The project involved testing different payloads, finding the correct return address offset, checking EIP register behavior in GDB, testing INT3 instructions, generating shellcode, and porting the exploit into a Metasploit module.

The documentation includes screenshots showing the crash behavior, EIP overwrite testing, INT3 shellcode testing, and the successful Metasploit shell session.

## How to Run
This project was created and tested in a controlled Kali Linux lab environment with a vulnerable Break-in Box VM.

Run the Ruby exploit script with the target IP address:
ruby myexploit.rb   #This will be the IP address of Debian Break-In Box

To use the Metasploit version, place the Metasploit module in the proper Metasploit modules folder and load it from Metasploit:
use exploit/linux/mymsfexploit