Class files

Contact me at pcgrosen [at] ucsb [dot] edu

Need a slack invite? Email me or talk to me in class.

595g-files repo

List of calling conventions

x86 Instruction set reference

IDA Freeware version (get this!)


December 3rd, 2018

An sh-based jail and a find-based jail for today's activity

Slides on bash jail escapes

November 26th, 2018

Base script for today's activity, and an example solution

Slides on python jail escapes

November 5th, 2018

Slides on format string exploitation

October 29th, 2018

Slides on fastbin use-after-free pivot

October 22nd, 2018

Slides on basic fastbin exploitation

October 15th, 2018

Slides on ASLR and leaking

October 8th, 2018

Slides on ROP

October 1st, 2018

Slides on basic buffer overflows


Older classes

June 15th, 2018

spring_final

Some notes:

The calculate function may look intimidating, but it is not very long. Persevere and you will solve it.

Be sure to make use of the type annotations that IDA provides due to the debug info in the binary.

When you are finished, shoot me a message on slack. Try to finish by Friday. Good luck!

May 25th, 2018

Printable amd64 shellcode

Last week's shellcoding.zip has been updated to include level 4 (printables only)

May 18th, 2018

Slides

Online assembler for prototyping

shellcoding.zip

April 27th, 2018

Surprise challenge!

April 20th, 2018

Slides

bitwhistle challenge

April 13th, 2018

afternoon_tea note (start here!)

afternoon_tea binary

(64-bit version)

afternoon_tea hints

April 6th, 2018

Slides

Compiler Explorer (godbolt)

Introduction file

Challenge note (start here!)

Challenge binary

March 9th, 2018

Challenge day! No slides.

Challenge Source

Challenge Binary

nc pwning.int80.net 5559
            

March 2nd, 2018

Slides

Challenge Source

Challenge Binary

nc pwning.int80.net 5558

February 23rd, 2018

Continuing on with simple_rop from February 9th . . .

exploit_starter.py

Connect to the server with

$ python exploit_starter.py pwning.int80.net 5556

IDA stack layout screenshot

libc.so lookup site

Introduction to Reversing Slides

And a new challenge, BaskinRobins31, from Codegate Quals 2018: BaskinRobins31 Binary

February 16th, 2018

RSA on Wikipedia

Crypto Challenges (see slack for help)

February 9th, 2018

Smashing the Stack for Fun and Profit

Challenge source

Challenge binary

angrop

Slides

February 2nd, 2018

Slides

January 19th, 2018

Slides

Meltdown example (Check out the libkdump folder)

Project Zero Blogpost (highly technical)

Meltdown site, Spectre site