Workshop-ARM BSidesMunich2018

ARM shellcode and exploit development

Workshop topics

ARM Architecture

ARM CPU
Registers
Instructions
PC-relative addressing
Calling convention and Stack frames

LAB1 - Debugging on ARM system

Shellcode

syscalls
Shell spawning shellcode (ARM/Thumb) + LAB2
Bind TCP shellcode (ARM) + LAB3
Reverse shell shellcode (ARM)

Exploit

Tools introduction (pwntools, ROPGadget)
Modify the value of a local variable (stack1) + LAB4
Vulnerability mitigations
Ret to libc - Bypass NX and execute a shell with a single ROP gadget (stack_sh) + LAB5
Bypass NX with ROP using mprotect (stack_mprotect) + LAB6
ASLR
Bypassing NX and ASLR (stack_aslr) + LAB7

Enviroment

Raspberry pi 3
Image: raspbian-2018-03-14 (http://ftp.jaist.ac.jp/pub/raspberrypi/raspbian/images/raspbian-2018-03-14/)

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
code/Workshop		code/Workshop
README.md		README.md
workshop_slides.pdf		workshop_slides.pdf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Workshop-ARM BSidesMunich2018

ARM shellcode and exploit development

Workshop topics

ARM Architecture

LAB1 - Debugging on ARM system

Shellcode

Exploit

Enviroment

About

Releases

Packages

Languages

lightoyou/Workshop-BSidesMunich2018

Folders and files

Latest commit

History

Repository files navigation

Workshop-ARM BSidesMunich2018

ARM shellcode and exploit development

Workshop topics

ARM Architecture

LAB1 - Debugging on ARM system

Shellcode

Exploit

Enviroment

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages