System and Software Security and Exploitation

Fundamentals of System and C/C++ Software Security and Exploitation
Hacking Tricks, Techniques & Tools
Primary Tools: C++, Bash, Python3
CTF

Requirements

Ubuntu/Debian Linux (Kali Linux 64-bit Preferred)
- add account kali:kali with sudo access
gcc/g++
Jupyter Notebook
Python3
gdb
peda - python exploit development assistant for gdb
sqlite3 C/C++ library
sqlitebrowser
pwntools
boost C++ libraries

Install Required Tools and Packages

update Linux and install tools
install Python 3.x Miniconda for Linux: https://conda.io/en/latest/miniconda.html
run the following commands on a Terminal

sudo apt update
sudo apt upgrade
sudo apt install build-essential # C/C++ compiler, make, etc.
sudo apt install ccache
sudo apt install libboost-all-dev
sudo apt install gcc-multilib g++-multilib # library for compiling 32-bit
sudo apt install gdb
sudo apt install gdbserver
sudo apt install git
sudo apt install libsqlite3-dev # C++ library for Sqlite
sudo apt install sqlitebrowser
curl -o Miniconda.sh https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh
bash Miniconda.sh # pick defaults; python 3 is installed!
conda update conda
conda install jupyter notebook # jupyter notebook
conda install -c conda-forge xeus-cling # C++ kernel
conda install -c conda-forge retrolab # replate classic notebook with retro style
pip install ptpython # better python REPL for terminal

Play with Notebooks

clone/download this repository
compile and run C++ programs found in demos folder
using a terminal cd into the repository folder and run jupyter notebook

git clone https://github.com/rambasnet/SoftwareSecurity.git
cd SoftwareSecurity
jupyter retro

copy and paste the link shown on a browser if it doesn't open on its own
open 00-TableOfContents.ipynb notebook that provides table of contents with link to all the notebooks

Name		Name	Last commit message	Last commit date
Latest commit History 199 Commits
ctf-demos		ctf-demos
demos		demos
labs		labs
media		media
pwntools-demos		pwntools-demos
python		python
shellcode		shellcode
.gitignore		.gitignore
00-TableOfContents.ipynb		00-TableOfContents.ipynb
BufferOverflowBasics.ipynb		BufferOverflowBasics.ipynb
BufferOverflowProtections.ipynb		BufferOverflowProtections.ipynb
C-Arrays.ipynb		C-Arrays.ipynb
C-Strings.ipynb		C-Strings.ipynb
CS1-Review.ipynb		CS1-Review.ipynb
CTF.ipynb		CTF.ipynb
DetectingMemoryCorruptionErrors.ipynb		DetectingMemoryCorruptionErrors.ipynb
ELF-ReverseEngineeing.ipynb		ELF-ReverseEngineeing.ipynb
EnvVarSetUID.ipynb		EnvVarSetUID.ipynb
ExploitCode-SprayingRETAddress.ipynb		ExploitCode-SprayingRETAddress.ipynb
ExploitCode-UsingBashScript.ipynb		ExploitCode-UsingBashScript.ipynb
ExploitCode-UsingCPP.ipynb		ExploitCode-UsingCPP.ipynb
ExploitCode-UsingPythonScript.ipynb		ExploitCode-UsingPythonScript.ipynb
FormatStrings.ipynb		FormatStrings.ipynb
Function-Pointers.ipynb		Function-Pointers.ipynb
FunctionsAndUnittesting.ipynb		FunctionsAndUnittesting.ipynb
GDB-Peda.ipynb		GDB-Peda.ipynb
GlobalSegmentOverflow.ipynb		GlobalSegmentOverflow.ipynb
HackingTools.ipynb		HackingTools.ipynb
HeapOverflowExploitation.ipynb		HeapOverflowExploitation.ipynb
LICENSE		LICENSE
LinuxSecurity.ipynb		LinuxSecurity.ipynb
MemorySegments.ipynb		MemorySegments.ipynb
OverflowingFunctionPointers.ipynb		OverflowingFunctionPointers.ipynb
PenTesting.ipynb		PenTesting.ipynb
Pointers.ipynb		Pointers.ipynb
PwntoolsTutorials.ipynb		PwntoolsTutorials.ipynb
PythonBasics.ipynb		PythonBasics.ipynb
README.md		README.md
ROP-new.ipynb		ROP-new.ipynb
ROP.ipynb		ROP.ipynb
SQLInjection.ipynb		SQLInjection.ipynb
SQLite3-Database.ipynb		SQLite3-Database.ipynb
SetUID-ENV-Attack-Defense.ipynb		SetUID-ENV-Attack-Defense.ipynb
SetupVM.ipynb		SetupVM.ipynb
StackOverflow-EnvVariable.ipynb		StackOverflow-EnvVariable.ipynb
StackOverflow-ExecutionFlow.ipynb		StackOverflow-ExecutionFlow.ipynb
StackOverflow-MemoryCorruption.ipynb		StackOverflow-MemoryCorruption.ipynb
StackOverflow-RemoteCodeExecution.ipynb		StackOverflow-RemoteCodeExecution.ipynb
aslr0-1.txt		aslr0-1.txt
aslr0-2.txt		aslr0-2.txt
aslr1-1.txt		aslr1-1.txt
aslr1-2.txt		aslr1-2.txt
aslr2-1.txt		aslr2-1.txt
aslr2-2.txt		aslr2-2.txt
compile.sh		compile.sh
example.com		example.com
example.txt		example.txt
exploit_fmt.bin		exploit_fmt.bin
exploit_vuln_cpp.py		exploit_vuln_cpp.py
gdb-so-arg.txt		gdb-so-arg.txt
gdb-so-stdio.txt		gdb-so-stdio.txt
hacking.h		hacking.h
mybash		mybash
pattern.txt		pattern.txt
payload.bin		payload.bin
payload_env.bin		payload_env.bin
peda-session-so_arg.exe.txt		peda-session-so_arg.exe.txt
peda-session-so_stdio.exe.txt		peda-session-so_stdio.exe.txt
peda-session-vuln_cpp.exe.txt		peda-session-vuln_cpp.exe.txt
pwn_io_demo.py		pwn_io_demo.py
shellcode.bin		shellcode.bin
shellcode1_py3.bin		shellcode1_py3.bin
shellcode_bash.bin		shellcode_bash.bin
shellcode_py3.bin		shellcode_py3.bin
shellcode_root.bin		shellcode_root.bin
so_arg_bash_exploit_aslr_on.sh		so_arg_bash_exploit_aslr_on.sh
so_arg_cpp_exploit.sh		so_arg_cpp_exploit.sh
so_arg_cpp_exploit_aslr_on.sh		so_arg_cpp_exploit_aslr_on.sh
so_arg_exploit.sh		so_arg_exploit.sh
stdio_payload.bin		stdio_payload.bin
testfile		testfile
x86-AssemblyAndStack.ipynb		x86-AssemblyAndStack.ipynb

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

System and Software Security and Exploitation

Requirements

Install Required Tools and Packages

Play with Notebooks

About

Releases

Packages

Contributors 2

Languages

License

rambasnet/SoftwareSecurity

Folders and files

Latest commit

History

Repository files navigation

System and Software Security and Exploitation

Requirements

Install Required Tools and Packages

Play with Notebooks

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages