Binary Exploitation


CSE 365 - Fall 2023.

Now let's put everything together and learn how to exploit binaries.


Recorded Lectures:

11/22/23 Binary Security Pt. 1:



11/27/23 Binary Security Pt. 2:



11/29/23 Binary Security Pt. 3:



The excellent Zardus (creator of pwn.college) has recorded lectures and slides that might be useful:

Shellcode Injection: Introduction



Shellcode Injection: Common Challenges



Shellcode Injection: Data Execution Prevention



Memory Errors: Introduction



Memory Errors: High-level Problems



Memory Errors: Smashing the Stack



Memory Errors: Causes of Corruption 1



Memory Errors: ASLR



Memory Errors: Causes of Disclosure



Exploitation Scenarios: Introduction



Exploitation Scenarios: Hijacking to Shellcode



Exploit a (memory corruption) stack injection vulnerability

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Write and execute shellcode to read the flag!

Write and execute shellcode to read the flag, but a portion of your input is randomly skipped.

Write and execute shellcode to read the flag, but your inputted data is filtered before execution.

Overflow a buffer on the stack to set the right conditions to obtain the flag!

Overflow a buffer on the stack to set the right conditions to obtain the flag!

Overflow a buffer on the stack to set trickier conditions to obtain the flag!

Overflow a buffer on the stack to set trickier conditions to obtain the flag!

Overflow a buffer and smash the stack to obtain the flag!

Overflow a buffer and smash the stack to obtain the flag!

Overflow a buffer and smash the stack to obtain the flag, but this time bypass another check designed to prevent you from doing so!

Overflow a buffer and smash the stack to obtain the flag, but this time bypass another check designed to prevent you from doing so!

Overflow a buffer and smash the stack to obtain the flag, but this time in a position independent (PIE) binary!

Overflow a buffer and smash the stack to obtain the flag, but this time in a position independent (PIE) binary!

Overflow a buffer and smash the stack to obtain the flag, but this time in a position independent (PIE) binary with an additional check on your input.

Overflow a buffer and smash the stack to obtain the flag, but this time in a position independent (PIE) binary with an additional check on your input.

Overflow a buffer and leak the flag. Be warned, this requires careful and clever payload construction!

Overflow a buffer and leak the flag. Be warned, this requires careful and clever payload construction!

Write a full exploit involving shellcode and a method of tricking the challenge into executing it.

Write a full exploit involving shellcode and a method of tricking the challenge into executing it.

Write a full exploit involving injecting shellcode and a method of tricking the challenge into executing it. Note, ASLR is disabled!

Write a full exploit involving injecting shellcode and a method of tricking the challenge into executing it. Note, ASLR is disabled!
