Ox002147    Home    About    Committee    Posts    Get Involved    Twitter    Term Card

Inter-ACE Reverse Engineering Workshop

The University of Cambridge once again ran its Inter-ACE workshop on binary exploitation, repeating the successful event hosted in 2017. We joined students from all over the country to hone our (very rusty) pwning skills with the help of veteran hacker Graham Rymer.

Late morning - ASLR is back on

Over the course of the day Richard, Mary, Romy, Andrew, Mark and Klaudia got their hands dirty with some stack overflow vulnerabilities. With modern mitigations (canaries, ASLR, non-exec stack) turned off this isn’t too hard, but quickly the challenge ramped up. By the end Graham was demonstrating a return-orientated programming exploit that updated the GOT entry for the puts library function to execute shellcode with the mitigations back on.

Drinks afterwards and not a recruiter in sight