Binary Exploitation Workshop
From Chaosdorf Wiki
{{Event
|Title=Binary Exploitation Workshop
|Description= Segmentation fault (core dumped)
|Type=Meet-Up
|isRelevant=Yes
}}
{{Project
|name=Binary Exploitation Workshop
|description=Binary Exploitation Workshop
|project category=Meet-Up
|location=Chaosdorf
|image=Pushfur.jpg
|status=obsolete
|people={{U|ilias}}
}}
{{Event
|Title=Exploitation Workshop
|Description=Binary Exploitation Workshop
|Type=Workshop
|Date=2019-08-05
|Start=13:00
|Host=ilias
|isRelevant=Yes
}}

== Please read ==

Option 1:
* Virtual machine software (VMware, VirtualBox etc.)
* Ubuntu 16.04 guest system (with binutils, gdb, python2.7, and the pwntools python module)
* your C editor of choice

Option 2: This is the preferred method.
* Install VirtualBox
* Install [https://www.vagrantup.com/ Vagrant] (wrapper for VirtualBox)
* download this [https://gist.github.com/A2nkF/67a3b3f0d43077f28fa1601735e5301b Vagrantfile]
* run <code>vagrant up && vagrant ssh</code>

That will automatically create the Ubuntu VM, install all the packages we need and set up a nice debugging environment. Another plus is that you will have exactly the same setup as me, so debugging any problems is going to be easier.

NOTE: The installation can take up to an hour.

This workshop is for beginners. Beginner as in new to binary exploitation, not as in new to low-level stuff, C and assembly.

We'll try to briefly cover the usage of:
* the pwntools python module
* radare2 disassembler (mostly for static analysis)
* gdb (for dynamic analysis)
* automated ROP-gadget finders

The focus will be:
* to learn about vulnerable C functions
* to learn how simple exploits used to be
* to learn what the GOT is
* to learn what mitigations have been introduced in modern systems
* to learn how to use ROP (return oriented programming) to bypass many exploit mitigations

I will bring some binaries that we can attempt to exploit. The goal is for every participant to be able to write a stackpivot->malloc->memcpy->mprotect ropchain to execute shellcode.

== Prerequisites ==

As a participant, you should at least know:
* C
* Intel x86_64 assembly
* the x86_64 calling convention

Bonus points for knowing the layout of a process in memory and where each section gets loaded ;D

== Participants (please add your name!) ==

* {{U|barbieauglend}}
* {{U|ytvwld}}
* {{U|hanemile}}
* {{U|bison}} (in blind mode)
* fl0_id
* Plant
* gabriel
* gglyptodon
* Nico

== Resolving technical issues ==

try:
 $ wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh

== Resources ==

* https://github.com/r0hi7/BinExp
* https://null-byte.wonderhowto.com/how-to/exploit-development-learn-binary-exploitation-with-protostar-0181154/
* https://github.com/Bretley/how2exploit_binary
* https://github.com/tharina/BlackHoodie-2018-Workshop
* https://github.com/chiliz16/ROP-Workshop
* https://wiki.osdev.org/Calling_Conventions
* https://github.com/pythonfoo/pythonfooLite/wiki/Python27
* https://md.chaosdorf.de/_hYEB9-aT6-mQbjaXOftzQ?view