In SECCON 2018 - classic challenge, there is a stack overflow vulnerability which leads to overwriting the return address. Using return oriented programming (ROP), we first leak puts@GOT address to find libc base address, write another ROP payload into .bss by calling gets@GOT, and move the control to the payload in .bss using stack pivoting which jumps to one gadget to execute /bin/sh. This is an interesting ROP challenge to learn bypassing protections like NX, Partial RELRO, and ASLR in x86_64 binaries.
classic
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
parent directory.. | ||||