12/07/2023
Hello all, today we will be learning all aspects of the ret2libc attack!
While diving deep into the world of binary exploitation, I have quickly come to realize that most articles are lacking context, simplicity, or even a date for that matter. I am by no means an expert, but here's my best shot at combating those struggles and attempting to deliver everything there is to know about ret2libc all in one place!
- 32-bit Exploitation w/ ASLR disabled
- 64-bit Exploitation w/ ASLR disabled
- 32-bit Exploitation w/ ASLR enabled
- 64-bit Exploitation w/ ASLR enabled
- pwntools automagic!
The ret2libc attack will be the ultimate weapon against the NX-bit (No-Execute) protection on the binary. When NX is enabled, the binary is NOT compiled with an executable stack, meaning that we cannot inject our own shellcode directly onto the stack and expect it to execute.