ROP It Like It's Hot: A 101 on BOFs, ROPs, and Shellcode Development on Linux
Details
Speaker: Nadeem Douba
Abstract: To a normal human, hacking things like browsers and software seems like black voodoo magic. Even people in IT security struggle with the basic understanding of how a buffer overflow works. This workshop aims to demystify the art of exploiting vulnerabilities in binary software and equips you with the tools to pwn software on your own! We'll cover the following topics:
-
A brief introduction to Assembly
-
A brief overview of the Linux Stack
-
Our Toolkit for Exploit Development
-
Controlling the Instruction Pointer
a. Classic BOF (no strings attached)
b. ROP till' you drop (Defeating NX)
c. Where am I? (Defeating ASLR)
d. Silence the Canary (Defeating Stack Canaries)
- Advanced Topics to Research
Students are expected to bring a laptop as this workshop is hands-on. The following tools/software is required:
-
A VMWare image of 32-bit Kali Linux (download: http://cdimage.kali.org/kali-1.0.9a/kali-linux-1.0.9a-i386.iso )
-
PEDA ( https://github.com/longld/peda )- Metasploit (apt-get install metasploit)- Shelln00b (apt-get install shellnoob)
-
ROPGadget (git clone https://github.com/0vercl0k/rp )
-
IDA Demo 6.6 for Linux ( http://out7.hex-rays.com/files/idademo66_linux.tgz )
-
build-essential: apt-get install build-essential
-
wine: apt-get install wine
Students are encouraged to work in groups so encourage your friends to come along!
WARNING: We are in no way responsible for any hair loss during the course of this workshop. Successfully exploiting software may result in unusual happy dance behaviour.
ROP It Like It's Hot: A 101 on BOFs, ROPs, and Shellcode Development on Linux