ARM ROP Exploitation Intro
From 35C3 Wiki
| Description | Exploiting stack based buffer overflows using ROP on ARM |
|---|---|
| Website(s) | https://blog.3or.de/arm-exploitation-return-oriented-programming.html, https://blog.3or.de//35c3 |
| Type | Workshop |
| Kids session | No |
| Keyword(s) | embedded, hacking, security |
| Tags | arm, exploitation, return oriented programming, stack overflow |
| Processing assembly | Assembly:Narwhals |
| Person organizing | |
| Language | de - German, en - English |
Other sessions...
| |
(Click here to refresh this page.)
| Starts at | 2018/12/27 12:00 |
|---|---|
| Ends at | 2018/12/27 15:00 |
| Duration | 180 minutes |
| Location | Room:Lecture room M1 |
In this workshop we will quickly look into how stack based buffer overflows work, then proceed to return oriented programing on ARM. In the end all participants can do a prepared exercise where they will exploit a stack based buffer overflow using by executing system(/bin/bash) using a simple ROP chain.
Prerequisites to ensure a smooth workshop:
- See my accompanying blogpost if can't wait: https://blog.3or.de/arm-exploitation-return-oriented-programming.html
- The virtual environment described in the first part "Setup and Tools" should be up and running. Just use the prebuild environment!
- Basic ARM assembly knowledge: Introduction to ARM Assembly Basics by Azeria: https://azeria-labs.com/writing-arm-assembly-part-1/
- Running ropper: https://github.com/sashs/Ropper
Please check back later for any additional prerequisites