# linux-exploitation-course

A Course on Intermediate Level Linux Exploitation

## Pre-Requisites

The course is designed as a continuation of the Windows Exploit Development
workshops by the people at Null Singapore and some pre-requisite knowledge is
expected of the following topics:

1. An Understanding of x86-64 Assembly
2. Familiarity with GDB
3. Familiarity with C and Python
4. Familiarity with the Standard Jump to Shellcode Exploits

Please do view this 15 minute '[Introduction to Return Oriented Programming]'
video as a refresher. If you have time, please go through the [lesson plan] for
the video.

## Syllabus

1. [Setting Up the Environment]
2. How Does a Linux Binary Work? - Skipped for Now
3. [Introduction to PEDA and Pwntools]
4. [Classic Exploitation Technique]
5. [Linux Binary Protections]
6. [Bypassing NX with Return Oriented Programming]
7. [Bypassing NX with Ret2Libc]
8. [ASLR in Depth]
9. [Bypassing ASLR/NX with Ret2PLT]
10. [Bypassing ASLR/NX with GOT Overwrite]
11. Memory Leaks - Skipped for Now
12. [Multi-Stage Exploits]
13. [Format String Vulnerabilties]
14. [Advanced Exercises]

[Introduction to Return Oriented Programming]: https://youtu.be/ruJXvxXzyU8
[lesson plan]: https://github.com/nnamon/PracticalRet2Libc/blob/master/docs/lessonplans/1_practicalrop/lessonplan.md
[Setting Up The Environment]: ./lessons/1_setting_up_environment/lessonplan.md
[How Does a Linux Binary Work?]: ./lessons/2_linux_binaries/lessonplan.md
[Introduction to PEDA and Pwntools]: ./lessons/3_intro_to_tools/lessonplan.md
[Classic Exploitation Technique]: ./lessons/4_classic_exploitation/lessonplan.md
[Linux Binary Protections]: ./lessons/5_protections/lessonplan.md
[Bypassing NX with Return Oriented Programming]: ./lessons/6_bypass_nx_rop/lessonplan.md
[Bypassing NX with Ret2Libc]: ./lessons/7_bypass_nx_ret2libc/lessonplan.md
[ASLR in Depth]: ./lessons/8_aslr/lessonplan.md
[Bypassing ASLR/NX with Ret2PLT]: ./lessons/9_bypass_ret2plt/lessonplan.md
[Bypassing ASLR/NX with GOT Overwrite]: ./lessons/10_bypass_got/lessonplan.md
[Memory Leaks]: ./lessons/11_memory_leaks/lessonplan.md
[Multi-Stage Exploits]: ./lessons/12_multi_stage/lessonplan.md
[Format String Vulnerabilties]: ./lessons/13_fmt_str/lessonplan.md
[Advanced Exercises]: ./lessons/14_advanced_exercises/lessonplan.md