-
Quick And Dirty Assembly
Initial page

Instruction references:
AMD64 Architecture Programmer's Manual Volume 3: General Purpose and System Instructions: https://developer.amd.com/resources/developer-guides-manuals/
Intel: https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-instruction-set-reference-manual-325383.pdf

NASM and Intel syntax:
https://www.nasm.us/doc/nasmdoc0.html
https://cs.lmu.edu/~ray/notes/nasmtutorial/

Compile and link without glibc. The entry point is _start by default:
section .text
global _start
_start:
nasm -f elf64 foo.asm -o foo.o
ld -m elf_x86_64 -entry=_start...
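The build steps above, carried through end to end as an added example (this is not code from the original page): a complete glibc-free x86-64 program in NASM/Intel syntax that makes the write and exit syscalls directly, assembled with nasm and linked with GNU ld using _start as the entry point. It assumes nasm and ld are installed on an x86-64 Linux host; the file name foo.asm, the message text and the exit status 42 are arbitrary choices made for this example. ld's `-e _start` is the same option as `-entry=_start` / `--entry=_start`.

```shell
#!/bin/sh
# Added example, not from the original page.
# Assumes: x86-64 Linux, nasm and GNU ld on PATH. foo.asm / exit code 42 are
# arbitrary choices for the demonstration.
set -eu

write_asm() {
    # $1 = path of the .asm file to create.
    # No libc: every interaction with the OS is a raw syscall, and the
    # linker's default entry symbol _start is the first instruction executed.
    cat > "$1" <<'EOF'
section .text
global _start

_start:
    ; write(1, msg, msg_len)
    mov     rax, 1          ; SYS_write
    mov     rdi, 1          ; fd = stdout
    lea     rsi, [rel msg]  ; RIP-relative address of the buffer
    mov     rdx, msg_len    ; byte count
    syscall

    ; exit(42) -- without libc there is no return from _start, so we must
    ; call exit ourselves or fall off the end into garbage
    mov     rax, 60         ; SYS_exit
    mov     rdi, 42         ; exit status
    syscall

section .rodata
msg:        db "hello from _start", 10
msg_len:    equ $ - msg
EOF
}

build_and_run() {
    # Assembles foo.asm -> foo.o, links foo.o -> foo with _start as entry,
    # runs the binary and prints its exit status on stdout.
    dir=$(mktemp -d)
    write_asm "$dir/foo.asm"
    nasm -f elf64 "$dir/foo.asm" -o "$dir/foo.o"
    ld -m elf_x86_64 -e _start "$dir/foo.o" -o "$dir/foo"

    set +e
    "$dir/foo" >/dev/null      # message goes to stdout; we only keep the status
    status=$?
    set -e

    rm -rf "$dir"
    echo "$status"
}

# Usage: build_and_run prints 42 when everything worked.
# build_and_run
```

Two things worth checking on the result: `file foo` reports a statically linked executable with no interpreter, and `nm foo` shows only _start and the two data symbols, which confirms nothing from crt1.o or libc was pulled in.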
-
Exploiting ASLR and NX
For this topic I went with the bitterman challenge from CAMP CTF 2015: https://archive.aachen.ccc.de/campctf.ccc.ac/challenges/

IDA: Opening bitterman in IDA, I see local variables for main and the function prologue making space for what seems like a stack buffer. The space allocated for local variables is 0xB0 (176 bytes). argv and argc...
-
Exploiting NX
For this topic I went with https://blog.techorganic.com/2015/04/21/64-bit-linux-stack-smashing-tutorial-part-2/

Disassembly: I made an effort to ignore the source code and use the disassembly to identify the buffer overflow. I set the assembly flavor to Intel for easier reading.

devel@kub:~/challenges/r2libc$ objdump -M intel -d ./ret2libc
<snip>
0000000000401176 <vuln>:
401176: f3 0f 1e fa...