Software vulnerabilities are flaws in program logic that can be leveraged by an attacker to execute arbitrary code on a target system. This project includes labs covering both the identification of software vulnerabilities and the techniques attackers use to exploit them. In addition, current techniques that attempt to remediate the threat of software vulnerability exploitation will be discussed.
This will be a lab-driven class where specific software vulnerability types in particular environments are discussed and then exploited in a lab setting. Examples of lab components of the class as well as specific topics covered include:
- Shellcode development
- Stack overflow exploitation
- Heap overflow exploitation
- Static source code analysis
- Defeating non-executable stack protection
1. Bomb lab
A binary bomb is a program that consists of a sequence of phases. Each phase expects you to type a particular string on stdin. If you type the correct string, then the phase is defused and the bomb proceeds to the next phase. Otherwise, the bomb explodes by printing "BOOM!!!" and then terminating. The bomb is defused when every phase has been defused. You must "defuse" your own unique bomb by disassembling and reverse engineering the program to determine what the 6 strings should be. You need to understand assembly language, and also learn how to use a debugger. It's also great fun.
Solution: defuse_bomb
2. Bufbomb lab
# | Title | Solution |
---|---|---|
0 | Candle | Exploit_0 |
1 | Sparkler | Exploit_1 |
2 | Firecracker | Exploit_2 |
3 | Dynamite | Exploit_3 |
4 | Nitroglycerin | Exploit_4 |
3. Attack lab
# | Title | Solution |
---|---|---|
0 | Level 0 | Exploit_0 |
1 | Level 1 | Exploit_1 |
2 | Level 2 | Exploit_2 |
3 | Level 3 | Exploit_3 |
4 | Level 4 | Exploit_4 |
Shellcoding for Linux and Windows Tutorial
Shellcodes database for study cases
Course Computer System Programming : Carnegie Mellon University