exploit-exercises

Ubuntu Vagrant box with 32/64-bit Protostar binaries to practice exploit development.

How to use

vagrant up
vagrant ssh

cd exercises

Protostar

Protostar introduces basic memory corruption issues such as buffer overflows, format strings and heap exploitation on an “old-style” Linux system that does not have any form of modern exploit mitigation enabled.
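To confirm that a lab binary really is built without those mitigations before working on it, the ELF headers can be read directly. The following is an added example, not part of this repository: the function name `elf_mitigations`, the helper `sample_elf32` and the sample bytes are constructed for illustration, and the canary check is a simple heuristic.

```python
import struct

PT_GNU_STACK = 0x6474E551   # program header that carries the stack permissions
PF_X = 0x1                  # "executable" bit in p_flags
ET_DYN = 3                  # e_type of a position-independent executable

def elf_mitigations(data: bytes) -> dict:
    """Report word size, PIE, non-executable stack and canary use for an ELF image."""
    if data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                      # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"       # EI_DATA: 1 = little endian, 2 = big
    (e_type,) = struct.unpack_from(end + "H", data, 16)
    if is64:
        (e_phoff,) = struct.unpack_from(end + "Q", data, 32)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
        flags_off = 4                        # p_flags follows p_type in Elf64_Phdr
    else:
        (e_phoff,) = struct.unpack_from(end + "I", data, 28)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 42)
        flags_off = 24                       # p_flags is the 7th word in Elf32_Phdr
    # Without PT_GNU_STACK the binary does not ask for a non-executable stack;
    # report that conservatively as False (the kernel default varies).
    nx_stack = False
    for i in range(e_phnum):
        base = e_phoff + i * e_phentsize
        (p_type,) = struct.unpack_from(end + "I", data, base)
        if p_type == PT_GNU_STACK:
            (p_flags,) = struct.unpack_from(end + "I", data, base + flags_off)
            nx_stack = not (p_flags & PF_X)
    return {
        "bits": 64 if is64 else 32,
        "pie": e_type == ET_DYN,
        "nx_stack": nx_stack,
        "canary": b"__stack_chk_fail" in data,   # heuristic: symbol name present
    }

def sample_elf32(e_type: int, stack_flags: int) -> bytes:
    """Constructed sample: 32-bit little-endian ELF header plus one PT_GNU_STACK entry."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH", e_type, 3, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_GNU_STACK, 0, 0, 0, 0, 0, stack_flags, 16)
    return ehdr + phdr

if __name__ == "__main__":
    # ET_EXEC (2) with an RWX stack: the profile of an unmitigated lab binary
    print(elf_mitigations(sample_elf32(2, 0x7)))
```

To check a real file, pass `open(path, "rb").read()` to `elf_mitigations`. ASLR is a system setting rather than a property of the binary, so it is not covered here.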

Installed GDB Extensions

alias peda="gdb -iex 'source /opt/peda/peda.py' --nh -q"
alias gef="gdb -iex 'source /opt/gef/gef.py' --nh -q"
alias pwndbg="gdb -iex 'source /opt/pwndbg/gdbinit.py' --nh -q"

PEDA

PEDA (Python Exploit Development Assistance) is an extension to GDB that adds on a whole bunch of useful commands and quality of life improvements to the standard GDB experience. The provisioning script should have made the necessary additions to the GDB configuration so all you need to do to start it is launch GDB with the alias peda.

$ peda binary

GEF

GEF (pronounced ʤɛf - "Jeff") is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers and reverse-engineers when using old school GDB. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. Application developers will also benefit from it, as GEF lifts a great part of regular GDB obscurity, avoiding repeating traditional commands, or bringing out the relevant information from the debugging runtime.

$ gef binary

pwndbg

pwndbg (/poʊndbæg/) is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers.

$ pwndbg binary