# HITCON-Training **Repository Path**: h0pe-ay/HITCON-Training ## Basic Information - **Project Name**: HITCON-Training - **Description**: For Linux binary Exploitation - **Primary Language**: Unknown - **License**: GPL-3.0 - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 1 - **Forks**: 0 - **Created**: 2020-04-02 - **Last Updated**: 2021-08-15 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # HITCON-Training For Linux binary Exploitation ## Environment Setup git clone https://github.com/scwuaptx/HITCON-Training.git ~/ cd HITCON-Training && chmod u+x ./env_setup.sh && ./env_setup.sh ## Outline + Basic Knowledge + Introduction + Reverse Engineering + Static Analysis + Dynamic Analysis + Exploitation + Useful Tool + IDA PRO + GDB + Pwntool + lab 1 - sysmagic + Section + Compile,linking,assmbler + Execution + how program get run + Segment + x86 assembly + Calling convention + lab 2 - open/read/write + shellcoding + Stack Overflow + Buffer Overflow + Return to Text/Shellcode + lab 3 - ret2shellcode + Protection + ASLR/DEP/PIE/StackGuard + Lazy binding + Return to Library + lab 4 - ret2lib + Return Oriented Programming + ROP + lab 5 - simple rop + Using ROP bypass ASLR + ret2plt + Stack migration + lab 6 - migration + Format String Attack + Format String + Read from arbitrary memory + lab 7 - crack + Write to arbitrary memory + lab 8 - craxme + Advanced Trick + EBP chain + lab 9 - playfmt + x64 Binary Exploitation + x64 assembly + ROP + Format string Attack + Heap exploitation + Glibc memory allocator overview + Vulnerablility on heap + Use after free + lab 10 - hacknote + Heap overflow + house of force + lab 11 - 1 - bamboobox1 + unlink + lab 11 - 2 - bamboobox2 + Advanced heap exploitation + Fastbin attack + lab 12 - babysecretgarden + Shrink the chunk + Extend the chunk + lab 13 - heapcreator + Unsortbin attack + lab 14 - magicheap + C++ Exploitation + Name Mangling + Vtable fucntion table + Vector & String + New & delete + Copy constructor & assignment operator + lab 15 - zoo + 那些 Pwning 的奇淫技巧: