Difference between revisions of "Binary Exploitation Workshop"

From Chaosdorf Wiki
Jump to navigation Jump to search
Line 12: Line 12:
|project category=Meet-Up
|project category=Meet-Up

Revision as of 11:17, 24 June 2019

Binary Exploitation Workshop
Art Meet-Up
Datum 2019-07-02
Start 17:00
relevant? Yes
Binary Exploitation Workshop alpha
Binary Exploitation Workshop
Ort Chaosdorf
Beteiligt ilias

Exploitation Workshop
Binary Exploitation Workshop
Art Workshop
Start 17:00
Host ilias
relevant? Yes

Please read


Option 1:

   - Virtual machine software (VMWare, VirtualBox etc...)
   - Ubuntu 16.04 guest system(with binutils, gdb, python2.7, and the pwntools python module)
   - your C editor of choice

Option 2:

   This is the prefered method.
   - Install VirtualBox
   - Install Vagrant (wrapper for VirtualBox)
   - download this Vagrantfile
   - run vagrant up && vagrant ssh
   That will automatically create the ubuntuVM, install all the packages we need and setup a nice debugging environment.
   Another plus is that you will have exactly the same setup as me so debugging any problems is going to be easier.
   NOTE: The installation can take up to an hour.

This Workshop is for beginners. Beginner as in new to binary exploitation not as in new to low level stuff, c and assembly.

We'll try to briefly cover the usage of:

  • the pwntools python module
  • radare2 dissassembler (mostly for static analysis)
  • gdb (for dynamic analysis)
  • automated ROP-gadget finders
  • oneshot gadgets

The focus will be:

  • learning about vulnerable C functions
  • learning how simple exploits used to be
  • learning what the GOT is
  • learn what mitigations have been introduced in modern systems
  • using ROP (return oriented programming) to bypass many exploit mitigations

I will bring some binarys that we can attempt exploit. The goal is for every participant to be able to write a stackpivot->malloc->memcpy->mprotect ropchain to execute shellcode.

Participants (please register!)

As a participant, you should at least know: - C - Intel x86_64 assembly - the x86_64 calling convention Bonus points for knowing the layout of a process in memory and where each section gets loaded into ;D

Participants (please register!)

- barbieauglend


https://github.com/r0hi7/BinExp https://null-byte.wonderhowto.com/how-to/exploit-development-learn-binary-exploitation-with-protostar-0181154/ https://github.com/Bretley/how2exploit_binary