Exploitation Primitives


CSE 598 - Spring 2024

Prior modules introduced specific vulnerabilities or exploitation techniques that can be used to gain the ability to read, write, or influence control flow. These types of exploits can be categorized into exploitation primitives:

This module explores how to create and leverage reusable exploitation primitives.

These primitives will need to be repeatedly used to "pivot" around memory. This "pivoting" can turn a pointer leak into almost any memory address a skilled hacker desires.


Lectures and Reading


Challenges

Create and use arbitrary read primitives to read from the .bss.

Create and use arbitrary read primitives to read from the .bss.

Create and use arbitrary read primitives to read from a thread's heap.

Create and use arbitrary read primitives to read from a thread's heap.

Create and use arbitrary read primitives to read from a thread's stack.

Create and use arbitrary read primitives to read from a thread's stack.

Create and use arbitrary read primitives to read from the .bss, now with PIE.

Create and use arbitrary read primitives to read from the .bss, now with PIE.

Create and use arbitrary read primitives to read from the environment.

Create and use arbitrary read primitives to read from the environment.

Create and use arbitrary read primitives to read from the main heap.

Create and use arbitrary read primitives to read from the main heap.

Create and use arbitrary read/write primitives to obtain the flag.

Create and use arbitrary read/write primitives to obtain the flag.

Create and use arbitrary read/write primitives to obtain the flag.

Create and use arbitrary read/write primitives to obtain the flag.

Create and use arbitrary read/write primitives with less control of the heap.

Create and use arbitrary read/write primitives with less control of the heap.

Create and use arbitrary read/write primitives with less control of the heap II.

Create and use arbitrary read/write primitives with less control of the heap II.


30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

Rank Hacker Badges Score