ARM ROP Exploitation Intro
From 35C3 Wiki
Description | Exploiting stack based buffer overflows using ROP on ARM |
---|---|
Website(s) | https://blog.3or.de/arm-exploitation-return-oriented-programming.html, https://blog.3or.de//35c3 |
Type | Workshop |
Kids session | No |
Keyword(s) | embedded, hacking, security |
Tags | arm, exploitation, return oriented programming, stack overflow |
Processing assembly | Assembly:Narwhals |
Person organizing | |
Language | de - German, en - English |
Other sessions...
|
(Click here to refresh this page.)
Starts at | 2018/12/27 12:00 |
---|---|
Ends at | 2018/12/27 15:00 |
Duration | 180 minutes |
Location | Room:Lecture room M1 |
In this workshop we will quickly look into how stack based buffer overflows work, then proceed to return oriented programing on ARM. In the end all participants can do a prepared exercise where they will exploit a stack based buffer overflow using by executing system(/bin/bash) using a simple ROP chain.
Prerequisites to ensure a smooth workshop:
- See my accompanying blogpost if can't wait: https://blog.3or.de/arm-exploitation-return-oriented-programming.html
- The virtual environment described in the first part "Setup and Tools" should be up and running. Just use the prebuild environment!
- Basic ARM assembly knowledge: Introduction to ARM Assembly Basics by Azeria: https://azeria-labs.com/writing-arm-assembly-part-1/
- Running ropper: https://github.com/sashs/Ropper
Please check back later for any additional prerequisites