Inter-ACE Reverse Engineering Workshop
The University of Cambridge once again ran its Inter-ACE workshop on binary exploitation, repeating the successful event hosted in 2017. We joined students from all over the country to hone our (very rusty) pwning skills with the help of veteran hacker Graham Rymer.
Late morning - ASLR is back on
Over the course of the day Richard, Mary, Romy, Andrew, Mark and Klaudia got their hands dirty with some stack overflow vulnerabilities. With modern mitigations (canaries, ASLR, non-exec stack) turned off this isn’t too hard, but quickly the challenge ramped up. By the end Graham was demonstrating a return-orientated programming exploit that updated the GOT entry for the puts library function to execute shellcode with the mitigations back on.
Drinks afterwards and not a recruiter in sight