Computer Science 595g: Class files

Spring 2019: Mondays from 3-5 PM in HFH 1132

Contact me at pcgrosen [at] ucsb [dot] edu

Need a slack invite? Email me or talk to me in class.

June 3rd, 2019

Last challenge -- this one involves a bit of reversing first, but then some pwning, if you are interested.

May 20th, 2019

This week's challenge: a real CTF challenge from CODEGATE Quals 2018, RedVelvet

Claripy documentation

Angr documentation

May 13th, 2019

This week's challenge: The Maze -- can you find a path through? (Starter code)

April 22nd, 2019

Ghidra (Reverse Engineering GUI)

This week's challenge: The Vault

April 15th, 2019

Snake game -- Win as fast as you can!

April 8th, 2019

Reversing low-level languages: somewhat-evil

April 1st, 2019

Introductory reversing challenge (source)

Introductory reversing challenge (trace)




Older classes

March 15th, 2019

Final day: XSS Attack/Defense

Testing site

February 22nd, 2019

Slides on Flask Jinja injection

February 15th, 2019

Slides on AES-CBC

February 8th, 2019

Slides on AES-CTR

February 1st, 2019

Slides on AES-ECB

January 25th, 2019

Slides on SQL schema leaks

January 18th, 2019

Slides on blind SQL injection

January 11th, 2019

Slides on basic SQL injection

December 3rd, 2018

An sh-based jail and a find-based jail for today's activity

Slides on bash jail escapes

November 26th, 2018

Base script for today's activity, and an example solution

Slides on python jail escapes

November 5th, 2018

Slides on format string exploitation

October 29th, 2018

Slides on fastbin use-after-free pivot

October 22nd, 2018

Slides on basic fastbin exploitation

October 15th, 2018

Slides on ASLR and leaking

October 8th, 2018

Slides on ROP

October 1st, 2018

Slides on basic buffer overflows


June 15th, 2018

spring_final

Some notes:

The calculate function may look intimidating, but it is not very long. Persevere and you will solve it.

Be sure to make use of the type annotations that IDA provides due to the debug info in the binary.

When you are finished, shoot me a message on slack. Try to finish by Friday. Good luck!

May 25th, 2018

Printable amd64 shellcode

Last week's shellcoding.zip has been updated to include level 4 (printables only)

May 18th, 2018

Slides

Online assembler for prototyping

shellcoding.zip

April 27th, 2018

Surprise challenge!

April 20th, 2018

Slides

bitwhistle challenge

April 13th, 2018

afternoon_tea note (start here!)

afternoon_tea binary

(64-bit version)

afternoon_tea hints

April 6th, 2018

Slides

Compiler Explorer (godbolt)

Introduction file

Challenge note (start here!)

Challenge binary

March 9th, 2018

Challenge day! No slides.

Challenge Source

Challenge Binary

      nc pwning.int80.net 5559
    

March 2nd, 2018

Slides

Challenge Source

Challenge Binary

nc pwning.int80.net 5558

February 23rd, 2018

Continuing on with simple_rop from February 9th . . .

exploit_starter.py

Connect to the server with

$ python exploit_starter.py pwning.int80.net 5556

IDA stack layout screenshot

libc.so lookup site

Introduction to Reversing Slides

And a new challenge, BaskinRobins31, from Codegate Quals 2018: BaskinRobins31 Binary

February 16th, 2018

RSA on Wikipedia

Crypto Challenges (see slack for help)

February 9th, 2018

Smashing the Stack for Fun and Profit

Challenge source

Challenge binary

angrop

Slides

February 2nd, 2018

Slides

January 19th, 2018

Slides

Meltdown example (Check out the libkdump folder)

Project Zero Blogpost (highly technical)

Meltdown site, Spectre site