Editing Binary Exploitation Workshop

{{Event
|Title=Binary Exploitation Workshop
|Description= Segmentation fault (core dumped)
|Type=Meet-Up
|isRelevant=Yes
}}
{{Project
|name=Binary Exploitation Workshop
|description=Binary Exploitation Workshop
|project category=Meet-Up
|location=Chaosdorf
|image=Pushfur.jpg
|status=obsolete
|people={{U|ilias}}
}}
{{Event
|Title=Exploitation Workshop
|Description=Binary Exploitation Workshop
|Type=Workshop
|Date=2019-08-05
|Start=13:00
|Host=ilias
|isRelevant=Yes
}}

== Please read ==

Option 1:
    - Virtual machine software (VMWare, VirtualBox etc...)
    - Ubuntu 16.04 guest system(with binutils, gdb, python2.7, and the pwntools python module)
    - your C editor of choice
Option 2:
    This is the prefered method.
    - Install VirtualBox
    - Install [https://www.vagrantup.com/ Vagrant] (wrapper for VirtualBox)
    - download this [https://gist.github.com/A2nkF/67a3b3f0d43077f28fa1601735e5301b Vagrantfile]
    - run vagrant up && vagrant ssh
    That will automatically create the ubuntuVM, install all the packages we need and setup a nice debugging environment.
    Another plus is that you will have exactly the same setup as me so debugging any problems is going to be easier.
    NOTE: The installation can take up to an hour.


This Workshop is for beginners. Beginner as in new to binary exploitation not as in new to low level stuff, c and assembly.

We'll try to briefly cover the usage of:
* the pwntools python module
* radare2 dissassembler (mostly for static analysis)
* gdb (for dynamic analysis)
* automated ROP-gadget finders

The focus will be:
* learning about vulnerable C functions
* learning how simple exploits used to be
* learning what the GOT is
* learn what mitigations have been introduced in modern systems
* using ROP (return oriented programming) to bypass many exploit mitigations

I will bring some binarys that we can attempt exploit. 
The goal is for every participant to be able to write a stackpivot->malloc->memcpy->mprotect ropchain to execute shellcode.

== Prerequisites ==
As a participant, you should at least know:
    - C
    - Intel x86_64 assembly
    - the x86_64 calling convention
    Bonus points for knowing the layout of a process in memory and where each section gets loaded into ;D


== Participants (please add your name!) ==
* {{U|barbieauglend}}
* {{U|ytvwld}}
* {{U|hanemile}}
* {{U|bison}} (in blind mode)
* fl0_id
* Plant
* gabriel
* gglyptodon
* Nico

== Resolving technical issues ==

try:
$ wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh


== Resources ==
    https://github.com/r0hi7/BinExp
    https://null-byte.wonderhowto.com/how-to/exploit-development-learn-binary-exploitation-with-protostar-0181154/
    https://github.com/Bretley/how2exploit_binary
    https://github.com/tharina/BlackHoodie-2018-Workshop
    https://github.com/chiliz16/ROP-Workshop
    https://wiki.osdev.org/Calling_Conventions
    https://github.com/pythonfoo/pythonfooLite/wiki/Python27

    https://md.chaosdorf.de/_hYEB9-aT6-mQbjaXOftzQ?view