User Tools
session:extra:advanced-attacks
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
session:extra:advanced-attacks [2016/06/30 20:51] Razvan Deaconescu [0x0E. Advanced Attack Topics] |
session:extra:advanced-attacks [2020/07/19 12:49] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | = 0x0E. Topics on Advanced Attacks | + | ====== 0x0E. Topics on Advanced Attacks |
| ===== Slides ===== | ===== Slides ===== | ||
| - | TODO | + | {{: |
| ===== Tutorials ===== | ===== Tutorials ===== | ||
| - | TODO | + | Install angr. See [[http:// |
| + | <note important> | ||
| + | Download {{: | ||
| + | |||
| + | Switch to task-0 and first analyze the binary manually (IDA, gdb, etc). Then analyze the Angr solver: where the state starts, the avoided branches and the target state. Check that it works as expected. | ||
| ===== Tasks ===== | ===== Tasks ===== | ||
| - | TODO | + | Switch to task-1. The task performs a hash on the input and overwrites the return address with the function output. Use this to jump to the win() function. |
| + | * Solve the task by hand | ||
| + | * Solve the task using the provided skeleton script. | ||
session/extra/advanced-attacks.1467309062.txt.gz · Last modified: 2016/06/30 20:51 by Razvan Deaconescu
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
