strangerRidingCaml

Kernel Address Space Layout Randomization $KASLR$Kernel Address Space Layout Randomization $KASLR$ is a security feature implemented in modern operating systems, including Linux, to mitigate memory-based attacks by randomizing the location of kernel memory.Lab Activity: Demonstrating KASLR ImpactIn this lab activity, we'll demonstrate the impact of KASLR by attempting to exploit a vulnerability ..

Return-to-Direct-Mapped Memory $ret2dir$ AttacksReturn-to-Direct-Mapped Memory $ret2dir$ attacks involve redirecting program execution to a specific location in memory, typically to execute malicious code or escalate privileges.Lab Activity: Return-to-Direct-Mapped Memory $ret2dir$ AttackIn this lab activity, we'll demonstrate a ret2dir attack on a vulnerable C program.Defender Side Code:#includ..

Use-After-Free $UAF$ Vulnerabilities $feat. struct cred, tty_struct$Use-After-Free $UAF$ vulnerabilities occur when a program continues to use a pointer after the memory it points to has been freed, potentially leading to memory corruption or code execution.Lab Activity: Use-After-Free $UAF$ ExploitIn this lab activity, we'll demonstrate a UAF exploit on a vulnerable C program, featuring struct ..

Null Pointer Dereference ExploitsNull pointer dereference exploits occur when a program attempts to access or manipulate memory using a null pointer, resulting in a segmentation fault or allowing an attacker to control program execution.Lab Activity: Null Pointer Dereference ExploitIn this lab activity, we'll demonstrate a simple null pointer dereference exploit on a vulnerable C program.Defende..

Write-What-Where $Arbitrary Memory Overwrite$Write-What-Where $WWW$ attack is a type of exploitation where an attacker gains control over arbitrary memory locations and can write arbitrary data to these locations.Lab Activity: Write-What-Where $Arbitrary Memory Overwrite$ AttackIn this lab activity, we'll demonstrate a simple WWW attack on a vulnerable C program.Defender Side Code:#include #incl..

Return-Oriented Programming $ROP$Return-Oriented Programming $ROP$ is a technique used in exploitation where existing code snippets, known as gadgets, are chained together to execute arbitrary commands or escalate privileges.Lab Activity: Return-Oriented Programming $ROP$ AttackIn this lab activity, we'll demonstrate a simple ROP attack on a vulnerable C program.Defender Side Code:#include #incl..