Binary Exploitation Roadmap
An in-depth roadmap for binary exploitation, with explanations of common exploitation methods and links to further resources.
Pre-requisites/requirements
- Basic understanding of programming in C and/or Python
- A Linux environment with `gcc` and `gdb` installed (I recommend this link)
- (Optional): Familiarity with assembly language (e.g. x86 or x64)
Beginner Concepts
Start out with exploring these resources that cover an introduction to buffers, buffer overflows, and binary security, as well as some general assembly review.
- CTF Handbook - Introduction
- https://pwn.college/
- Nightmare
After checking these links out and trying a few challenges for yourself, you should have a good all-round understanding of what buffer overflows are and the vulnerabilities they create. You should be able to complete basic CTF challenges like baby-pwn's.
Intermediate Concepts
Now we’ll start learning about some traditional binary exploitation methods that are commonly used in CTFs. You don’t have to read about every method, but having a general idea of how to conduct ROP chaining and finding/leaking offsets and addresses as well as gadgets is important.
- CTF Handbook
- pwn.college
- Nightmare
- https://guyinatuxedo.github.io/rop.html
- https://guyinatuxedo.github.io/19-shellcoding_pt1/csaw18_shellpointcode/index.html
By the end, you should be able to identify most vulnerabilities. Try out tools like `ROPgadget` and use `pwntools` to simplify your scripts. You should be able to do most CTF challenges.
Advanced Concepts
You will learn how to exploit programs with more binary security measures in place, and start dealing with heap exploitation.
- CTF Handbook
- pwn.college
- Nightmare
Try solving more complex CTF challenges and practice writing vulnerable programs. You can also learn about kernel exploitation here: