tsiguenz/rainfall

Introduction to binary exploitation and reverse engineering (42 project)

rainfall

Introduction

The goal of this project is to escalate privileges through a vulnerable binary in order to reach the next level.
For each level we write pseudo code of the binary in source.c; it is only a representation of the assembly code and may not compile.
To improve our understanding of assembly language, we decided not to use any decompiler such as Ghidra or IDA and to rely on vanilla GDB only.

Useful commands

GDB

Use Intel syntax:

set disassembly-flavor intel

Print saved EBP and saved EIP:

x/2xw $ebp

Edit register:

set $eip=0x0

Get information about where the stack and heap start:

info proc mapping

Run program with command in stdin:

r < <(python -c "print('B' * 150)")

Get binary information

Print the disassembled binary:

objdump --no-show-raw-insn -M intel -d <binary>

Check if the stack is executable:

readelf -l <binary> | grep GNU_STACK

Check endianness:

readelf -h <binary> | grep endian
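The two readelf checks above read only the ELF header (EI_DATA byte for endianness) and the program headers (the PT_GNU_STACK entry for stack permissions). As an added example, not code from the rainfall project, here is a small Python script that performs both checks directly from the file bytes, so you can see which fields readelf is reporting. The build_elf helper constructs minimal ELF images (constructed test input, not real binaries) for both 32-bit and 64-bit, little- and big-endian layouts; the file name elf_stack_check.py is assumed.

```python
import struct
import sys

# Constants from the ELF specification.
PT_GNU_STACK = 0x6474E551         # program header that records the stack permissions
PF_X, PF_W, PF_R = 0x1, 0x2, 0x4  # segment flag bits


def parse_elf(data):
    """Return class, endianness and PT_GNU_STACK flags of an ELF image.

    Only the ELF header and program headers are read, which is all that
    'readelf -h' and 'readelf -l | grep GNU_STACK' need for these two checks.
    """
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("unsupported ELF class or data encoding")
    bits = 32 if ei_class == 1 else 64
    end = "<" if ei_data == 1 else ">"   # struct prefix for little/big endian
    if bits == 32:
        # e_type, e_machine, e_version, e_entry, e_phoff, e_shoff, e_flags,
        # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shstrndx
        hdr = struct.unpack_from(end + "HHIIIIIHHHHHH", data, 16)
        phdr_fmt = end + "IIIIIIII"      # ELF32: p_flags is the 7th field
        flags_idx = 6
    else:
        hdr = struct.unpack_from(end + "HHIQQQIHHHHHH", data, 16)
        phdr_fmt = end + "IIQQQQQQ"      # ELF64: p_flags directly follows p_type
        flags_idx = 1
    e_phoff, e_phentsize, e_phnum = hdr[4], hdr[8], hdr[9]
    gnu_stack_flags = None
    for i in range(e_phnum):
        ph = struct.unpack_from(phdr_fmt, data, e_phoff + i * e_phentsize)
        if ph[0] == PT_GNU_STACK:
            gnu_stack_flags = ph[flags_idx]
    return {
        "bits": bits,
        "endian": "little" if ei_data == 1 else "big",
        "gnu_stack_flags": gnu_stack_flags,
        # Without a PT_GNU_STACK entry the Linux loader falls back to an
        # executable stack on x86, so treat "absent" as executable too.
        "stack_executable": gnu_stack_flags is None or bool(gnu_stack_flags & PF_X),
    }


def flags_to_str(flags):
    """Render p_flags the way readelf does, e.g. 7 -> 'RWE'."""
    if flags is None:
        return "(no PT_GNU_STACK)"
    return "".join(ch if flags & bit else " "
                   for ch, bit in (("R", PF_R), ("W", PF_W), ("E", PF_X)))


def describe(data):
    """One-line summary: class, endianness, GNU_STACK flags and verdict."""
    info = parse_elf(data)
    verdict = "executable" if info["stack_executable"] else "non-executable"
    return "ELF%d %s-endian, GNU_STACK %s -> %s stack" % (
        info["bits"], info["endian"], flags_to_str(info["gnu_stack_flags"]), verdict)


def build_elf(bits, endian, stack_flags=None):
    """Construct a minimal ELF image (constructed test input, not a real binary)."""
    end = "<" if endian == "little" else ">"
    ei_class = 1 if bits == 32 else 2
    ei_data = 1 if endian == "little" else 2
    e_ident = b"\x7fELF" + bytes([ei_class, ei_data, 1, 0]) + b"\x00" * 8
    ehsize, phentsize = (52, 32) if bits == 32 else (64, 56)
    phdrs = b""
    if stack_flags is not None:
        if bits == 32:
            phdrs = struct.pack(end + "IIIIIIII", PT_GNU_STACK, 0, 0, 0, 0, 0, stack_flags, 16)
        else:
            phdrs = struct.pack(end + "IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    phnum = 1 if phdrs else 0
    phoff = ehsize if phdrs else 0
    if bits == 32:   # ET_EXEC (2) for EM_386 (3)
        hdr = struct.pack(end + "HHIIIIIHHHHHH", 2, 3, 1, 0x08048000, phoff, 0, 0,
                          ehsize, phentsize, phnum, 40, 0, 0)
    else:            # ET_EXEC (2) for EM_X86_64 (62)
        hdr = struct.pack(end + "HHIQQQIHHHHHH", 2, 62, 1, 0x400000, phoff, 0, 0,
                          ehsize, phentsize, phnum, 64, 0, 0)
    return e_ident + hdr + phdrs


if __name__ == "__main__":
    if len(sys.argv) > 1:   # audit a real file: python elf_stack_check.py <binary>
        with open(sys.argv[1], "rb") as f:
            print(describe(f.read()))
    else:                   # otherwise show the constructed samples
        print(describe(build_elf(32, "little", PF_R | PF_W | PF_X)))
        print(describe(build_elf(32, "little", PF_R | PF_W)))
        print(describe(build_elf(64, "big", PF_R | PF_W)))
        print(describe(build_elf(64, "little")))
```

Running it on a level binary should agree with readelf: an "RWE" GNU_STACK line means the stack is executable, which is what the early rainfall levels rely on; a hardened build shows "RW " (or, on modern toolchains, the linker adds the entry automatically so that a missing PT_GNU_STACK is itself a warning sign).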

Misc

To get an interactive shell (the trailing - keeps stdin open after the payload has been written, so the spawned shell can still read commands):

cat payload.txt - | ./<binary>
or
(python -c "print(<payload>)" | cat) | ./<binary>

Generate payloads:

python -c "print('A' * 64...)"

Useful links

  • To find shellcodes: link
