If you're looking for an exploit development tutorial for absolute beginners this week we're looking at what I would consider just that! This week we look at the "random" binary exploitation challenge hosted on pwnable[.]kr.
This is a great beginner tutorial since we exploit a flaw that is "easy" and unfortunately, still very real within some enterprise environments. It also helps you understand that no number is truly random.
The crazy part? We don't even drop into a debugger in this tutorial.
Be the end of this tutorial you should have:
- Learned about random number generation in C
- Learned about XOR operations
- Finding header files that contain dependencies using man pages
- Dissecting C source code
1 comment
[ 3.0 ms ] story [ 10.0 ms ] threadThis is a great beginner tutorial since we exploit a flaw that is "easy" and unfortunately, still very real within some enterprise environments. It also helps you understand that no number is truly random.
The crazy part? We don't even drop into a debugger in this tutorial.
Be the end of this tutorial you should have:
- Learned about random number generation in C - Learned about XOR operations - Finding header files that contain dependencies using man pages - Dissecting C source code