NTU Computer Security - Pwn slides, videos, and homework challenges - Computer Security Fall 2019 @ CSIE NTU Taiwan

Overview

NTU Computer Security Fall 2019 (National Taiwan University, Computer Security course)

Served as head teaching assistant at NTU and as lecturer for the three weeks of Pwn classes.

Course Content

Week 1: Binary Exploitation - Basic

  • Slide: link
  • Video: link
  • Lab:
    • bof
      • stack buffer overflow, overwrite return address
    • orw
      • seccomp filter syscall, shellcode
  • Homework:
    • Casino
      • oob array access, GOT hijacking, shellcode

Week 2: Binary Exploitation

  • Slide: link
  • Video: link
  • Lab:
    • ROP
      • ROP bypass NX protection
    • ret2plt
      • Practice using plt functions
    • ret2libc
      • information leak, bypass ASLR, practice ret2libc technique
  • Homework:
    • Casino++
      • oob array access, GOT hijacking, leak libc, ret2libc hijack plt function to system()

Week 3: Heap Exploitation

  • Slide: link
  • Video: link
  • Lab:
    • UAF
      • Practice using UAF to leak address and exploit.
    • Note
      • double free, fastbin attack
    • T-Note
      • Tcache dup
  • Homework:
    • Election
      • stack pivoting, ret2csu csu gadget
    • Note++
      • off-by-one null byte overflow, fastbin dup, forge chunk size to leak libc, overwrite __malloc_hook, one gadget

Course Challenges

  • In each week's directory, src contains the challenge source code
  • In each week's directory, exp contains the solution exploits

Environment

  • OS: Ubuntu 18.04
  • GCC: gcc (Ubuntu 7.4.0-1ubuntu1~18.04.1) 7.4.0

Build

cd week1 # week2 week3
docker-compose up -d

Compile (if you need to rebuild the challenge binaries yourself)

sudo apt install libseccomp-dev
make

Owner
yuan
yuawn @DoubleSigma / @balsn  (๑•̀ㅂ•́)ﻭ✧  