Introduction to Exploit Development

Scoreboard · Submit Flags

I: Command Injection

H 110a: Linux Journey 83 extra
ED 102. Command Injection 20 + 40 extra
ED 103: SQL Injection 30 + 155 extra
ED 104: CMD Injection 15 + 25 extra
ED 30: Linux Virtual Machine  15
ED 101: Essential Linux 15 + 10 extra
ED 105: Server Side Template Injection (SSTI) 35 extra
ED 106: PHP-FPM Command Injection 15 extra

II: Binary Exploits for Linux

ED 201: Linux Buffer Overflow With Command Injection  15
ED 202: Linux Buffer Overflow Without Shellcode  40 + 75 extra
ED 203: Linux Buffer Overflow With Listening Shell  15 + 30 extra
ED 204: Exploiting a Format String Vulnerability  20
ED 205: Very Simple Heap Overflow  10 + 20 extra
ED 206: Heap Overflow via Data Overwrite  10 + 35 extra
ED 207: Linux Buffer Overflow with ROP (requires VMware)  15
ED 210: Exploiting a Race Condition  10 extra
ED 220: Intro to 64-bit Assembler  15 + 25 extra
ED 230: Hardening ELF Binaries  15 extra

III: Binary Exploits for Windows

ED 32: Windows 10 Virtual Machine (recommended)  15 extra
H 2: Windows 2016 Server Virtual Machine (not recommended)  15
 
ED 308: Exploiting "Vulnerable Server" on Windows     Google Cloud version  25 + 25 extra
ED 309: Defeating DEP with ROP  20 extra
ED 301: Windows Stack Protection I: Assembly Code  15
ED 302: Windows Stack Protection II: Exploit Without ASLR  15
ED 303: Windows Stack Protection III: Limitations of ASLR  15 extra
ED 310: Windows Mitigations  10 extra
ED 318: Exploiting Easy RM to MP3 Converter on Windows with ASLR  30 exta
ED 319: SEH-Based Stack Overflow Exploit · Windows 10 version  20 + 45 extra
ED 330: C# Dot Net  20 extra
ED 331: Dot Net Reflector  45 extra
ED 340: Making Custom Shellcode  20 extra

IV: ARM Exploits

ED 413: ARM Shellcode on the Pi  30 extra
ED 414: Self-Modifying ARM Shellcode on the Pi  20 extra
ED 420: Jailbreaking an iPhone with Checkra.in  15 extra
ED 421: Buffer Overflow on an iPhone  20 extra

Assembly Language

Don't submit these projects in Canvas; use the scoring system below

Enter Flags · Scoreboard

ASM 100: Basics  69 extra
ASM 104: Bases & Printing  40 extra
ASM 105: ASCII  20 extra
ASM 110: Gdb  30 extra
ASM 120: Files  55 extra
ASM 200: Caesar Cipher  35 extra
ASM 210: XOR  20 extra
Scores archived 10-5-2021

Posted 6-16-22