This repository contains all the material I wrote for an advanced reading course during my final semester of university. It involves learning the basics of exploit development on Linux for both the x86 and ARM architecture.

What was achieved?

0. Lab Setup

• Very basic information about what I used for my x86 and ARM lab machines.

1. Introduction To Stack Overflows

• Beginners introduction to the basics of stack overflows

2. Exploiting Stack Overflows With Shellcode on x86 and ARM

• The meat of these writeups!
• Explains and provides information on how to write your own shellcode for x86 and ARM
• Walks through exploiting stack overflows using both the NOP sled and ROP methods for x86 and ARM

3. Exploiting Heap Overflows on ARM

• Short introduction on what the heap is
• Basic example of how to exploit a heap-based vulnerability on ARM

4. Bonus Presentation

• Slide based presentation I did at the end of the course
• Shows how to escalate priviliges when exploiting a vulnerable SUID executable

Course texts:

1. The Shellcoder's Handbook: Discovering and Exploiting Security Holes
   • By Chris Anley, John Lindner, and Gerardo Richarte
2. Hacking: The Art of Exploitation
   • By John Erickson

Note:

I have provided all the source code used within the labs as well as the source code and images for the writeups, feel free to use or modify them however you like. If you would like, you can cite me and this gitlab page as a reference within your own material.

DISCLAIMER:

I am NOT responsible for any misuse of the code and resources provided within this repository nor for any misinformation within the provided texts. This is purely for educational purposes.