Editing Binary Exploitation Workshop

From Chaosdorf Wiki

Latest revision Your text
Line 3: Line 3:
|Description= Segmentation fault (core dumped)
|Description= Segmentation fault (core dumped)
|Type=Meet-Up
|Type=Meet-Up
|Date=2019-08-05
|Start=13:00
|isRelevant=Yes
|isRelevant=Yes
}}
}}
Line 11: Line 13:
|location=Chaosdorf
|location=Chaosdorf
|image=Pushfur.jpg
|image=Pushfur.jpg
|status=obsolete
|status=alpha
|people={{U|ilias}}
|people={{U|ilias}}
}}
}}
Line 50: Line 52:


The focus will be:
The focus will be:
* to learn about vulnerable C functions
* learning about vulnerable C functions
* to learn how simple exploits used to be
* learning how simple exploits used to be
* to learn what the GOT is
* learning what the GOT is
* to learn what mitigations have been introduced in modern systems
* learn what mitigations have been introduced in modern systems
* to learn how to use ROP (return oriented programming) to bypass many exploit mitigations
* using ROP (return oriented programming) to bypass many exploit mitigations


I will bring some binaries that we can attempt exploit.  
I will bring some binarys that we can attempt exploit.  
The goal is for every participant to be able to write a stackpivot->malloc->memcpy->mprotect ropchain to execute shellcode.
The goal is for every participant to be able to write a stackpivot->malloc->memcpy->mprotect ropchain to execute shellcode.


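Review bot: two wording problems sit in the "Your text" column of this hunk: "binarys" should be "binaries", and the bullet "learn what mitigations have been introduced in modern systems" breaks the "learning …" pattern of its neighbours. Both columns also read "attempt exploit", where "attempt to exploit" is meant. If the undo is published, carry these fixes over rather than restoring the old wording as is.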
Line 67: Line 69:




== Participants (please add your name!) ==
== Possible Participants (please add your name!) ==
* {{U|barbieauglend}}
* {{U|barbieauglend}}
* {{U|ytvwld}}
* {{U|ytvwld}}
Line 75: Line 77:
* Plant
* Plant
* gabriel
* gabriel
* gglyptodon
* Nico
== Resolving technical issues ==
try:
$ wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh


== Resources ==
== Resources ==
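Review bot: the `wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh` line under "Resolving technical issues" pipes a script fetched from the moving `master` branch straight into `sh`, so participants run whatever is at that URL at that moment without seeing it. If the section stays, suggest rewording it to download the script to a file, read it, and then run it, and to reference a fixed tag or commit instead of `master`. The section would also be easier to follow if it named the technical issue the command is meant to resolve.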
Line 90: Line 84:
     https://github.com/tharina/BlackHoodie-2018-Workshop
     https://github.com/tharina/BlackHoodie-2018-Workshop
     https://github.com/chiliz16/ROP-Workshop
     https://github.com/chiliz16/ROP-Workshop
    https://wiki.osdev.org/Calling_Conventions
    https://github.com/pythonfoo/pythonfooLite/wiki/Python27
    https://md.chaosdorf.de/_hYEB9-aT6-mQbjaXOftzQ?view