Binary Exploitation

Binary exploitation involves finding and leveraging memory safety bugs in compiled programs to gain unintended capabilities. You'll learn how the stack and heap are laid out in memory, why format strings are dangerous, and how attackers redirect program control flow. These skills underpin modern vulnerability research and exploit development.

3 steps · 9 challenges

  1. Format String Vulnerabilities

    When printf is called with user input as the format string argument - printf(user_input) instead of printf("%s", user_input) - attackers can read arbitrary memory with %x and write to it with %n. The picoCTF format string series walks you from a trivial leaking example up to a full arbitrary write.

  2. Heap Exploitation

    The heap is where dynamic memory allocations (malloc/free) live. Heap exploits take advantage of the metadata that the allocator writes between chunks. The heap series in picoCTF 2024 is one of the best beginner-friendly introductions available, building each concept on top of the last.

  3. PIE and Address Space Randomization

    Position-Independent Executables (PIE) and Address Space Layout Randomization (ASLR) randomize where code and the stack are loaded in memory, making it harder to jump to a hardcoded address. PIE TIME teaches you to defeat these mitigations by leaking an address at runtime and computing offsets from there.