List: All categories (110)
strangerRidingCaml

Kernel Address Space Layout Randomization (KASLR)
Kernel Address Space Layout Randomization (KASLR) is a security feature implemented in modern operating systems, including Linux, to mitigate memory-based attacks by randomizing the location of kernel memory.
Lab Activity: Demonstrating KASLR Impact
In this lab activity, we'll demonstrate the impact of KASLR by attempting to exploit a vulnerability ..

Return-to-Direct-Mapped Memory (ret2dir) Attacks
Return-to-Direct-Mapped Memory (ret2dir) attacks involve redirecting program execution to a specific location in memory, typically to execute malicious code or escalate privileges.
Lab Activity: Return-to-Direct-Mapped Memory (ret2dir) Attack
In this lab activity, we'll demonstrate a ret2dir attack on a vulnerable C program.
Defender Side Code: #includ..

Use-After-Free (UAF) Vulnerabilities (feat. struct cred, tty_struct)
Use-After-Free (UAF) vulnerabilities occur when a program continues to use a pointer after the memory it points to has been freed, potentially leading to memory corruption or code execution.
Lab Activity: Use-After-Free (UAF) Exploit
In this lab activity, we'll demonstrate a UAF exploit on a vulnerable C program, featuring struct ..

Null Pointer Dereference Exploits
Null pointer dereference exploits occur when a program attempts to access or manipulate memory using a null pointer, resulting in a segmentation fault or allowing an attacker to control program execution.
Lab Activity: Null Pointer Dereference Exploit
In this lab activity, we'll demonstrate a simple null pointer dereference exploit on a vulnerable C program.
Defende..

Write-What-Where (Arbitrary Memory Overwrite)
A Write-What-Where (WWW) attack is a type of exploitation where an attacker gains control over arbitrary memory locations and can write arbitrary data to these locations.
Lab Activity: Write-What-Where (Arbitrary Memory Overwrite) Attack
In this lab activity, we'll demonstrate a simple WWW attack on a vulnerable C program.
Defender Side Code: #include #incl..

Return-Oriented Programming (ROP)
Return-Oriented Programming (ROP) is a technique used in exploitation where existing code snippets, known as gadgets, are chained together to execute arbitrary commands or escalate privileges.
Lab Activity: Return-Oriented Programming (ROP) Attack
In this lab activity, we'll demonstrate a simple ROP attack on a vulnerable C program.
Defender Side Code: #include #incl..