This repository is a collection of challenges for writing exploits and learning some cool things about information security.
If you want to learn about AppSec, binary exploitation and/or exploit development, this is the place.
If you want to compile a challenge, you can use the Makefile inside each challenge directory. For convenience, there is also a Makefile in the root directory that can be used to compile any of the challenges.
Just run make <chlg-number> to compile it. For instance:
$ make 001
Don't want to download or run anything on your computer? No worries, you can use a Docker container to run the challenges.
If you want to build the Docker image, just run make docker-<chlg-number>. For instance:
$ make docker-001
And to run the container:
$ make run-001
If you want to get the challenge binary from inside the container, just run:
$ make get-001
If you don't want to clone this repository to run the container, just run:
$ docker run --rm -d --name "exploitme001" "silva97/exploitme001"
And to get the container's IP address:
$ docker inspect -f '{{ .NetworkSettings.IPAddress }}' exploitme001
To get the challenge binary from inside the container:
$ docker run --rm --entrypoint cat "silva97/exploitme001:latest" /app/challenge > ./challenge
The objective of every challenge is to write an exploit that exploits the security issue and gets the flag. The flag always follows the format EME{...}. Example: EME{exploitme001}.
Note: You are free to read the code, reverse engineer the binary, or do anything else you need to win the challenge. Your approach depends on what you want to practice (code auditing, reverse engineering, etc.).
Please read CONTRIBUTING.md to see how to contribute or submit your solution to this repository.