session:extra:advanced-attacks
This is an old revision of the document!
Table of Contents
0x0E. Topics on Advanced Attacks
Slides
Tutorials
Install angr. See http://angr.io/install.html
You need to use a virtualenv for the installation. It will not work correctly otherwise
Download session-14.tgz
Switch to task-0 and first analyze the binary manually (IDA, gdb, etc). Then analyze the Angr solver: where the state starts, the avoided branches and the target state. Check that it works as expected.
Tasks
Switch to task-1. The task performs a hash on the input and overwrites the return address with the function output. Use this to jump to the win() function.
- Solve the task by hand
- Solve the task using the provided skeleton script.
session/extra/advanced-attacks.1497714717.txt.gz · Last modified: by Razvan Deaconescu