First off, what’s a binary?
A binary is compiled code. When a programmer writes code in a language such as C, that source is not what gets executed. It is compiled into a binary, which consists of a set of instructions called machine code, and the binary is what runs. Binary exploitation is the art of finding and exploiting a bug that survives the compilation step.
Reverse engineering
Reverse engineering is figuring out how something works. It is another broad topic, and it is required in binary exploitation because most of the time we are given only a binary. We have to figure out how it works before trying to attack it.
Prerequisites
Before jumping into pwn (shorthand for binary exploitation), make sure you're comfortable with
- Basics of C (arrays, strings, pointers)
- Fundamentals of assembly and CPU architecture
- Memory layout of a C program
- Basic Linux commands
- Use these resources before going further.
Tools
- A disassembler - Ghidra. The first thing we'll need is a tool that converts the machine code of a binary back into assembly (and, ideally, recovers C-like code from that assembly). Ghidra is a powerful disassembler as well as a decompiler. Follow the Ghidra installation steps from the Pclub infosec roadmap, then watch this.
- A debugger - GDB. This is the default debugger that ships alongside GCC for debugging binaries. To make GDB easier to use and more powerful, we'll add a plugin on top of it: install pwndbg from here. Use this guide to learn the basic commands.
- (Optional for now) Pwntools - a Python library that makes writing exploit scripts easier by automating the boring parts. GitHub
Warmup
Now that you have the tools necessary for the job, head over to picoCTF and solve these GDB baby steps challenges then k3yg3n one from Crackme.
Your First Binary Exploit
The first bug we'll look at is the stack buffer overflow. It is a vulnerability in which more data is written to a buffer than the space allocated for it on the stack, which lets the attacker overwrite other data stored next to it.
- Watch this video from LiveOverflow to see how a stack overflow happens.
- Then head over to this git repo and follow along with the writeups using the tools you have installed, to get hands-on practice.
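To see concretely what "exceeds the allocated space on the stack and overwrites other data" means before opening the video, here is an added example (not from the page or the repo it links to). It models a single stack frame as a plain byte array, with a 16-byte local buffer followed by the 8-byte saved return address, so the overflow stays inside one array and the program is well-defined on any compiler. The frame layout, the placeholder return address `0x401136` and the inputs are all constructed for illustration; the `copy_unbounded` function stands in for `gets`/`strcpy`, and `copy_bounded` is the length-checked replacement.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one stack frame: a 16-byte local buffer followed
   directly by the 8-byte "saved return address" the function jumps to on
   return. Real frames also hold saved registers and padding, but the
   ordering (locals below, return address above) is what matters here. */
#define BUF_SIZE        16
#define FRAME_SIZE      (BUF_SIZE + 8)
#define RET_PLACEHOLDER 0x0000000000401136ULL  /* made-up code address */

typedef unsigned char frame_t[FRAME_SIZE];

static void frame_init(frame_t f) {
    uint64_t ret = RET_PLACEHOLDER;
    memset(f, 0, FRAME_SIZE);
    memcpy(f + BUF_SIZE, &ret, sizeof ret);   /* "push" the return address */
}

/* 1 if the saved return address still holds its original value, else 0.
   This is the kind of check a stack canary performs just before return. */
static int ret_intact(const frame_t f) {
    uint64_t ret;
    memcpy(&ret, f + BUF_SIZE, sizeof ret);
    return ret == RET_PLACEHOLDER;
}

/* The bug: copy the whole string plus its NUL into the buffer without ever
   consulting BUF_SIZE, which is what gets() and strcpy() do. The clamp to
   FRAME_SIZE only keeps this model array in bounds; a real strcpy would keep
   writing past the return address into the caller's frame. */
static void copy_unbounded(frame_t f, const char *input) {
    size_t n = strlen(input) + 1;
    if (n > FRAME_SIZE) n = FRAME_SIZE;
    memcpy(f, input, n);
}

/* The fix: refuse anything that does not fit in BUF_SIZE including the NUL,
   the same discipline as fgets(buf, sizeof buf, stdin) or snprintf.
   Returns 0 on success, -1 if the input was rejected (frame left unchanged). */
static int copy_bounded(frame_t f, const char *input) {
    size_t n = strlen(input) + 1;
    if (n > BUF_SIZE) return -1;
    memcpy(f, input, n);
    return 0;
}

/* Each scenario returns 1 when the frame behaves as its comment describes. */

/* 15 characters + NUL fit exactly: the return address survives. */
int scenario_fits(void) {
    frame_t f; frame_init(f);
    copy_unbounded(f, "123456789012345");
    return ret_intact(f);
}

/* 16 characters: only the terminating NUL spills over, yet that one byte
   changes the return address (0x...36 becomes 0x...00). Off-by-one suffices. */
int scenario_off_by_one(void) {
    frame_t f; frame_init(f);
    copy_unbounded(f, "1234567890123456");
    return !ret_intact(f);
}

/* 32 'A's: the return address is now 0x4141414141414141, the classic
   "0x41414141" seen in a crash report from a stack overflow. */
int scenario_long_input(void) {
    frame_t f; frame_init(f);
    copy_unbounded(f, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    return !ret_intact(f);
}

/* Same 32 'A's through the bounded copy: rejected, frame untouched. */
int scenario_bounded(void) {
    frame_t f; frame_init(f);
    int rc = copy_bounded(f, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    return rc == -1 && ret_intact(f);
}

int main(void) {
    printf("fits:        %d\n", scenario_fits());
    printf("off-by-one:  %d\n", scenario_off_by_one());
    printf("long input:  %d\n", scenario_long_input());
    printf("bounded:     %d\n", scenario_bounded());
    return 0;
}
```

Compile with `gcc overflow_model.c -o overflow_model` and run it; every scenario prints 1. The off-by-one case is the one worth remembering when you later read real code: a buffer that is "big enough" for the characters but not for the terminating NUL already corrupts the byte after it.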
Further Resources
To dive deeper into the world of low-level security, follow these resources:
- Nightmare Walkthrough
- Pwn.college
- LiveOverflow