Binary Exploitation Workshop

Please read
Option 1: - Virtual machine software (VMWare, VirtualBox etc...) - Ubuntu 16.04 guest system(with binutils, gdb, python2.7, and the pwntools python module) - your C editor of choice Option 2: This is the prefered method. - Install VirtualBox - Install Vagrant (wrapper for VirtualBox) - download this Vagrantfile - run vagrant up && vagrant ssh That will automatically create the ubuntuVM, install all the packages we need and setup a nice debugging environment. Another plus is that you will have exactly the same setup as me so debugging any problems is going to be easier. NOTE: The installation can take up to an hour.

This Workshop is for beginners. Beginner as in new to binary exploitation not as in new to low level stuff, c and assembly.

We'll try to briefly cover the usage of:
 * the pwntools python module
 * radare2 dissassembler (mostly for static analysis)
 * gdb (for dynamic analysis)
 * automated ROP-gadget finders

The focus will be:
 * to learn about vulnerable C functions
 * to learn how simple exploits used to be
 * to learn what the GOT is
 * to learn what mitigations have been introduced in modern systems
 * to learn how to use ROP (return oriented programming) to bypass many exploit mitigations

I will bring some binaries that we can attempt exploit. The goal is for every participant to be able to write a stackpivot->malloc->memcpy->mprotect ropchain to execute shellcode.

Prerequisites
As a participant, you should at least know: - C   - Intel x86_64 assembly - the x86_64 calling convention Bonus points for knowing the layout of a process in memory and where each section gets loaded into ;D

Participants (please add your name!)

 * (in blind mode)
 * fl0_id
 * Plant
 * gabriel
 * gglyptodon
 * Nico
 * gabriel
 * gglyptodon
 * Nico

Resolving technical issues
try: $ wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh

Resources
https://github.com/r0hi7/BinExp https://null-byte.wonderhowto.com/how-to/exploit-development-learn-binary-exploitation-with-protostar-0181154/ https://github.com/Bretley/how2exploit_binary https://github.com/tharina/BlackHoodie-2018-Workshop https://github.com/chiliz16/ROP-Workshop https://wiki.osdev.org/Calling_Conventions https://github.com/pythonfoo/pythonfooLite/wiki/Python27

https://md.darknebu.la/_hYEB9-aT6-mQbjaXOftzQ?both