Exploitation Primitives

Software Exploitation.

Prior modules introduced specific vulnerabilities or exploitation techniques that can be used to gain the ability to read, write, or influence control flow. These types of exploits can be categorized into exploitation primitives:

Arbitrary Read
Arbitrary Write
Arbitrary Call

This module explores how to create and leverage reusable exploitation primitives.

These primitives will need to be repeatedly used to "pivot" around memory. This "pivoting" can turn a pointer leak into almost any memory address a skilled hacker desires.

A short read on some methods used in pivoting around memory.

Challenges

Create and use arbitrary read primitives to read from the .bss.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from the .bss.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from a thread's heap.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from a thread's heap.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from a thread's stack.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from a thread's stack.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from the .bss, now with PIE.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from the .bss, now with PIE.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from the environment.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from the environment.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from the main heap.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read primitives to read from the main heap.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read/write primitives to obtain the flag.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read/write primitives to obtain the flag.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read/write primitives to obtain the flag.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read/write primitives to obtain the flag.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read/write primitives with less control of the heap.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read/write primitives with less control of the heap.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read/write primitives with less control of the heap II.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

Create and use arbitrary read/write primitives with less control of the heap II.

Connect with SSH

Link your SSH key, then connect with: ssh hacker@pwn.college

30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

7-Day | 30-Day | All-Time

Rank		Hacker	Badges		Score