Exploitation Primitives

Software Exploitation.

Prior modules introduced specific vulnerabilities or exploitation techniques that can be used to gain the ability to read, write, or influence control flow. These types of exploits can be categorized into exploitation primitives:

Arbitrary Read
Arbitrary Write
Arbitrary Call

This module explores how to create and leverage reusable exploitation primitives.

These primitives will need to be repeatedly used to "pivot" around memory. This "pivoting" can turn a pointer leak into almost any memory address a skilled hacker desires.

A short read on some methods used in pivoting around memory.

Challenges

Create and use arbitrary read primitives to read from the .bss.

Create and use arbitrary read primitives to read from a thread's heap.

Create and use arbitrary read primitives to read from a thread's stack.

Create and use arbitrary read primitives to read from the .bss, now with PIE.

Create and use arbitrary read primitives to read from the environment.

Create and use arbitrary read primitives to read from the main heap.

Create and use arbitrary read/write primitives to obtain the flag.

Create and use arbitrary read/write primitives with less control of the heap.

Create and use arbitrary read/write primitives with less control of the heap II.

30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

7-Day | 30-Day | All-Time

Rank		Hacker	Badges		Score

Exploitation Primitives

Software Exploitation.

Advanced Exploitation: Introduction

Advanced Exploitation: Heap Address Disclosure via Race Conditions

Advanced Exploitation: In-Memory Forensics

Advanced Exploitation: Exploit Primitives

Advanced Exploitation: End-to-End Pwnage

Further Reading

Challenges

level1.0

level1.1

level2.0

level2.1

level3.0

level3.1

level4.0

level4.1

level5.0

level5.1

level6.0

level6.1

level7.0

level7.1

level8.0

level8.1

level9.0

level9.1

level10.0

level10.1

30-Day Scoreboard:

Exploitation Primitives

Software Exploitation.

Advanced Exploitation: Introduction

Advanced Exploitation: Introduction

Advanced Exploitation: Heap Address Disclosure via Race Conditions

Advanced Exploitation: Heap Address Disclosure via Race Conditions

Advanced Exploitation: In-Memory Forensics

Advanced Exploitation: In-Memory Forensics

Advanced Exploitation: Exploit Primitives

Advanced Exploitation: Exploit Primitives

Advanced Exploitation: End-to-End Pwnage

Advanced Exploitation: End-to-End Pwnage

Further Reading

Further Reading

Challenges

level1.0 2 hacking, 216 solves

level1.0

level1.1 212 solves

level1.1

level2.0 202 solves

level2.0

level2.1 204 solves

level2.1

level3.0 1 hacking, 191 solves

level3.0

level3.1 188 solves

level3.1

level4.0 183 solves

level4.0

level4.1 179 solves

level4.1

level5.0 1 hacking, 186 solves

level5.0

level5.1 182 solves

level5.1

level6.0 185 solves

level6.0

level6.1 182 solves

level6.1

level7.0 183 solves

level7.0

level7.1 181 solves

level7.1

level8.0 173 solves

level8.0

level8.1 174 solves

level8.1

level9.0 163 solves

level9.0

level9.1 160 solves

level9.1

level10.0 165 solves

level10.0

level10.1 163 solves

level10.1

30-Day Scoreboard: