11

GitHub - yuawn/NTU-Computer-Security: 台大計算機安全 - Pwn 簡報、影片、作業題目...

2 years ago

source link: https://github.com/yuawn/NTU-Computer-Security
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

neoserver,ios ssh client

NTU Computer Security Fall 2019 - 台大計算機安全

擔任台大大助教，與三週 Pwn 課程講師。

Week 1: Binary Exploitation - Basic

Slide: speakerdeck.com/yuawn/binary-exploitation-basic
Video: youtu.be/U8N6aE-Nq-Q
Lab:
- bof
  - stack buffer overflow, overwrite return address
- orw
  - seccomp filter syscall, shellcode
Homework:
- Casino
  - oob array access, GOT hijacking, shellcode

Week 2: Binary Exploitation

Slide: speakerdeck.com/yuawn/binary-exploitation
Video: youtu.be/5D7tvxpSUUM
Lab:
- ROP
  - ROP bypass NX protection
- ret2plt
  - Practice using plt functions
- ret2libc
  - information leak, bypass ASLR, practice ret2libc technique
Homework:
- Casino++
  - oob array access, GOT hijacking, leak libc, ret2libc hijack plt function to system()

Week 3: Heap Exploitation

Slide: speakerdeck.com/yuawn/heap-exploitation
Video: youtu.be/rMqvL9j0QaM
Lab:
- UAF
  - Practice using UAF to leak address and exploit.
- Note
  - double free, fastbin attack
- T-Note
  - Tcache dup
Homework:
- Election
  - stack pivoting, ret2csu csu gadget
- Note++
  - off-by-one null byte overflow, fastbin dup, forge chunk size to leak libc, overwrite __malloc_hook, one gadget

課程題目 challenges

各 week 中 src 底下為題目原始碼
各 week 中 exp 底下為答案解法 exploits

環境 environment

OS: ubuntu 18.04
GCC: gcc (Ubuntu 7.4.0-1ubuntu1~18.04.1) 7.4.0

Build

cd week1 # week2 week3
docker-compose up -d

Compile (如需自行重編題目 binary)

sudo apt install libseccomp-dev
make

Recommend

About Joyk

Aggregate valuable and interesting links.
Joyk means Joy of geeK