An Arch Linux based docker container prepared to PWN/RE category.
You should have docker running.
Create the container
makeif you are logged out and want to re-enter into the container:
make docker_runTo delete everything (WARNING you shall not run this command unless you really know what you are doing!):
make prune- git
- vim/nvim
- make
- gcc/gdb
- r2
- nasm
- pwntools/pwndbg
- ropgadget
- checksec
Here are some notes about binary exploitation or PWN
When doing a pwn challenge and especially if you are beginner, you may want to check out some of these concepts.
- Buffer overflow
- Format string vulnerability
- Use-after-free
- Return-oriented programming (ROP)
- Heap exploitation
- Control-flow hijacking
- Race conditions
- Shellcode injection
- Time-of-check to time-of-use (TOCTTOU) race conditions
- Null byte injection
- Off-by-one errors
- Stack pivoting
- Integer truncation
- Signedness errors
- Function pointer overwrites
- Bit flipping
- Side-channel attacks
- Privilege escalation
- Kernel exploitation
- Canary bypass
- Address space layout randomization (ASLR) bypass
- Data execution prevention (DEP) bypass
Who cares?