====== 0x0E. Topics on Advanced Attacks ======

===== Slides =====

{{:session:14-advanced-topics.pdf|}}

===== Tutorials =====

Install angr. See [[http://angr.io/install.html]]
<note important>You need to use a virtualenv for the installation. It will not work correctly otherwise</note>

Download {{:session:session-14.tgz|}}

Switch to task-0 and first analyze the binary manually (IDA, gdb, etc). Then analyze the Angr solver: where the state starts, the avoided branches and the target state. Check that it works as expected.
===== Tasks =====

Switch to task-1. The task performs a hash on the input and overwrites the return address with the function output. Use this to jump to the win() function.
  * Solve the task by hand
  * Solve the task using the provided skeleton script.