Exploitation Crash Course

Presenter: Scott Hand

Date: 15 Sept 2012

Description: This presentation goes over basic exploitation techniques. Topics include:

  • Introduction to x86 paradigms used exploited by these techniques
  • Stack overflows including the classic stack smashing attack
  • Ret2libc
  • Format string exploits
  • Heap overflows and metadata corruption attacks

The presentation makes use of the Protostar VM at Exploit Exercises.


Materials - Contents:

  • sf.c - A very simple format string vulnerability
  • vuln.c - A very simple heap overflow vulnerability
  • heap2b.c - A fixed version of the Protostar Heap2 challenge