Software Exploitation

Teaching goals

By the end of this course, students will be able to:

  • Understand internal memory management mechanisms in C programs.
  • Identify memory-related vulnerabilities.
  • Write simple exploits for vulnerable binaries.
  • Develop custom shellcodes.
  • Understand and bypass protections such as NX, ASLR, PIE, and stack canaries.
  • Implement code-reuse attacks (ROP, ret2libc).
  • Assess memory security risks in software development.

Course description

This course provides a hands-on introduction to software vulnerability exploitation. Students will learn to identify and exploit memory-safety vulnerabilities (stack and heap buffer overflows, format string bugs) and to apply the corresponding exploitation techniques: shellcode injection and code reuse (ret2libc, ROP). The course also covers the standard mitigations (NX, ASLR, PIE, and stack canaries), what each one does and does not prevent, and how each is bypassed in a controlled lab environment.
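As a concrete illustration of the kind of code studied in this course (an added example, not part of the course material or the instructor's code), the following C program models a stack frame with a local buffer, a stack canary and a saved return address, laid out the way -fstack-protector places them. It contrasts an unchecked copy with its bounds-checked form, shows the canary check catching a linear overflow, and shows why the canary must stay secret: a payload that writes a leaked canary back in place reaches the return address undetected. The frame layout, the canary constant and the return addresses are constructed for the demonstration; the copy targets the whole struct so the program is well-defined C while doing to memory exactly what an unchecked strcpy() into the buffer would do.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of a stack frame as -fstack-protector lays it out: the local buffer
 * sits below the canary, which sits below the saved return address, so a
 * linear overflow has to pass through the canary to reach the return address. */
#define BUF_SIZE 16
#define CANARY_VALUE 0x5a5a00c0ffee1234ULL  /* constructed; a real canary is random per process */
#define LEGIT_RETURN 0x401136ULL            /* constructed "legitimate" return address */

struct frame {
    char     buf[BUF_SIZE];
    uint64_t canary;
    uint64_t saved_return;
};

void frame_init(struct frame *f)
{
    memset(f->buf, 0, sizeof f->buf);
    f->canary = CANARY_VALUE;
    f->saved_return = LEGIT_RETURN;
}

/* Vulnerable pattern: the copy length is attacker-controlled and never compared
 * with BUF_SIZE. Copying into the whole frame keeps this well-defined C while
 * reproducing what an unchecked strcpy() into f->buf does to memory. */
void unchecked_copy(struct frame *f, const unsigned char *src, size_t len)
{
    if (len > sizeof *f)
        len = sizeof *f;  /* keep the model itself in bounds */
    memcpy(f, src, len);
}

/* Hardened form: refuse anything that does not fit, leaving room for the terminator. */
int bounded_copy(struct frame *f, const unsigned char *src, size_t len)
{
    if (len >= BUF_SIZE)
        return -1;
    memcpy(f->buf, src, len);
    f->buf[len] = '\0';
    return 0;
}

/* The check the compiler inserts in the epilogue before the return address is used. */
int canary_intact(const struct frame *f)
{
    return f->canary == CANARY_VALUE;
}

/* Feed an all-'A' payload of the given length to the vulnerable copy.
 * Returns 0 if the write stayed inside buf, 1 if the canary was clobbered
 * (this is where __stack_chk_fail would abort the process). */
int overflow_result(size_t len)
{
    struct frame f;
    unsigned char payload[sizeof(struct frame)];
    memset(payload, 'A', sizeof payload);
    frame_init(&f);
    unchecked_copy(&f, payload, len);
    return canary_intact(&f) ? 0 : 1;
}

/* The classic bypass: if the canary has leaked (format string bug, out-of-bounds
 * read), the payload writes it back in place and continues to the return address.
 * Returns the address the function would return to, or 0 if the check fires. */
uint64_t bypass_result(uint64_t leaked_canary, uint64_t new_return)
{
    struct frame f;
    unsigned char payload[sizeof(struct frame)];
    memset(payload, 'A', BUF_SIZE);
    memcpy(payload + offsetof(struct frame, canary), &leaked_canary, sizeof leaked_canary);
    memcpy(payload + offsetof(struct frame, saved_return), &new_return, sizeof new_return);
    frame_init(&f);
    unchecked_copy(&f, payload, sizeof payload);
    return canary_intact(&f) ? f.saved_return : 0;
}

/* Same all-'A' input through the hardened copy: 1 if accepted, 0 if rejected. */
int bounded_accepts(size_t len)
{
    struct frame f;
    unsigned char payload[sizeof(struct frame)];
    memset(payload, 'A', sizeof payload);
    frame_init(&f);
    return bounded_copy(&f, payload, len) == 0;
}

int main(void)
{
    printf("24-byte overflow: %s\n", overflow_result(24) ? "canary smashed" : "fits");
    printf("leaked canary:  jump to 0x%llx\n", (unsigned long long)bypass_result(CANARY_VALUE, 0xdeadbeefULL));
    printf("guessed canary: jump to 0x%llx (0 = aborted)\n", (unsigned long long)bypass_result(0x1111ULL, 0xdeadbeefULL));
    return 0;
}
```

Two details are worth noting when relating this model to a real binary. First, the canary only detects writes that pass through it, so an arbitrary-write primitive that skips over it (as heap or format string bugs can provide) is not caught, which is why the course treats canaries as one mitigation among several rather than a complete defence. Second, the bypass depends on an information leak; combining a leak with the overflow is the usual shape of a real stack-canary bypass.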

Course content

  1. Introduction to x86 architecture
  2. Stack buffer overflow exploitation
  3. Shellcode development
  4. Code-reuse attacks
  5. Format string attacks
  6. Heap exploitation techniques

Prerequisites

Basic knowledge of C programming, computer architecture, operating systems, and Linux usage.

Bibliography

  • Secure Coding in C and C++ (2nd edition), by Robert C. Seacord, 2013.
  • The Shellcoder’s Handbook: Discovering and Exploiting Security Holes (2nd edition), by Chris Anley, John Heasman, Felix Lindner, and Gerardo Richarte, 2007.
  • Learning Linux Binary Analysis, by Ryan O’Neill, 2016.
  • Hacking: The Art of Exploitation (2nd edition), by Jon Erickson, 2008.

Biography

Benjamin Farinier is an Associate Professor (Maître de Conférences) at the University of Rennes, in the EPICURE research team. He is primarily interested in the formal verification of safety and security properties, from low-level binary code to high-level specifications.