Hey, let’s go back to binary exploitation after a quick hiatus. Today I’ll talk about sigreturn-oriented programming, or SROP for short. I managed to exploit a challenge using that technique today, and this post will be more or less a summary of what the technique does and what I learned while solving the challenge. …
Yo, it’s me again. It’s been almost one full month since we started that initiative. Let’s continue our return-oriented programming exploitation. Today we will try to create our ropchain manually and exploit the same binary.

Preparations

I will recompile the binary using a static library to have a lot more gadgets using the -static …
This article should be pretty easy with what we learned last time, but we could end up being surprised. I’ll try to exploit the same vulnerability, this time using ROP rather than ret-to-libc.

What is Return-oriented Programming (or ROP)

Return-oriented programming is an exploitation technique relying on the program’s own code to execute arbitrary …