Latest revision | Your text | ||
Line 1: | Line 1: | ||
{{Event | {{Event | ||
|Title=Binary Exploitation Workshop | |Title=Binary Exploitation Workshop | ||
|Description= Segmentation fault (core dumped) | |Description=== AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA == Segmentation fault (core dumped) | ||
|Type=Meet-Up | |Type=Meet-Up | ||
|Date=2019-07-02 | |||
|Start=17:00 | |||
|isRelevant=Yes | |isRelevant=Yes | ||
}} | }} | ||
Line 11: | Line 13: | ||
|location=Chaosdorf | |location=Chaosdorf | ||
|image=Pushfur.jpg | |image=Pushfur.jpg | ||
|status= | |status=alpha | ||
|people={{U|ilias}} | |people={{U|ilias}} | ||
}} | }} | ||
Line 18: | Line 20: | ||
|Description=Binary Exploitation Workshop | |Description=Binary Exploitation Workshop | ||
|Type=Workshop | |Type=Workshop | ||
|Date= | |Date= | ||
|Start= | |Start=17:00 | ||
|Host=ilias | |Host=ilias | ||
|isRelevant=Yes | |isRelevant=Yes | ||
}} | }} | ||
== Please read == | == Please read == | ||
Prerequisites: | |||
Option 1: | Option 1: | ||
Line 48: | Line 53: | ||
* gdb (for dynamic analysis) | * gdb (for dynamic analysis) | ||
* automated ROP-gadget finders | * automated ROP-gadget finders | ||
* oneshot gadgets | |||
The focus will be: | The focus will be: | ||
* | * learning about vulnerable C functions | ||
* | * learning how simple exploits used to be | ||
* | * learning what the GOT is | ||
* | * learn what mitigations have been introduced in modern systems | ||
* | * using ROP (return oriented programming) to bypass many exploit mitigations | ||
I will bring some | I will bring some binarys that we can attempt exploit. | ||
The goal is for every participant to be able to write a stackpivot->malloc->memcpy->mprotect ropchain to execute shellcode. | The goal is for every participant to be able to write a stackpivot->malloc->memcpy->mprotect ropchain to execute shellcode. | ||
== Prerequisites == | == Prerequisites == | ||
As a participant, you should at least know: | As a participant, you should at least know: | ||
- C | |||
- Intel x86_64 assembly | |||
- the x86_64 calling convention | |||
Bonus points for knowing the layout of a process in memory and where each section gets loaded into ;D | |||
== | == Participants (please register!) == | ||
- {{U|barbieauglend}} | |||
== Resources ==
https://github.com/r0hi7/BinExp | |||
https://null-byte.wonderhowto.com/how-to/exploit-development-learn-binary-exploitation-with-protostar-0181154/ | |||
https://github.com/Bretley/how2exploit_binary |