/sectalks-syd-0x21

The slides and CTF challenges for Sectalks Sydney 0x21

Primary LanguageC

Sectalks Sydney 0x21

Hey there! For sectalks I put together a little workshop on the Return-Oriented-Exploitation technique.

With modern exploit mitigation techniques such as NX, utilizing a buffer overflow vulnerability to gain code execution in shellcode is becoming more and more difficult. Return-orientated-programming (ROP) is an exploit technique used to bypass such mitigations to perform arbitrary code execution. Join us as we cover the ROP technique and variations in detail, and go through some exercises in this workshop.

Included are the CTF challenges and the source code associated with them. In there is the docker files for each, so just docker compose run them and enjoy! Although some tinkering with a base linux image with socat is required - but i'll leave that as an exercise to the reader ;)

Enjoy!