PTS2025

During this workshop, we'll work together to solve some of the exercises on the site.

The aim is to give you enough theoretical and practical knowledge to be able to extend the experience by doing all the exercises proposed afterwards.
The site offers exercises on intel x86-64, x86-32, ARM and MISP executables.

After a presentation of the platform, and the main concepts involved in ROP, you'll be able to learn from the exercises :

• Get to grips with the tools to discover an initial function calling technique.
• Call a function with a parameter already present in the executable.
• Master the convention of passing parameters for more complex calls.
• Learn how to place some data in the memory and pass it as a parameter
• Search for usable gadgets when the most obvious are not available.
• Finally, we'll create a slightly more complex ROP chain using a pivot technique.

As an epilogue, if time permits, we'll take a look at ARM binary exploitation with qemu, to encourage you to extend the experience.

The workshop is ideally aimed at people familiar with x86 assembler and the basics of binary exploitation with buffer overflow.

To carry out the exercises you will need a Linux machine with the following open-sources tools :
- gdb
- a gdb extension such as GEF or pwndbg
- python3
- pwntools
- radare2
- ropper ou ROPGadget
and optionally
- 32-bit libraries (libc6-i386)
- qemu

A docker image containing the required tools will be made available and its use encouraged.
Docker is therefore the main requisite.

By the way, to avoid clogging up the network and save time at the beginning of the workshop, please,
try to anticipate to download the materials :


git clone https://github.com/cdpointpoint/ropemporium_party.git

./run_ptsrew.sh
.

The run script will pull the 2 Go docker image the fist time.

It is also possible to follow the workshop without carrying out (all) the manipulations during the session and keep focus on explanations or exchanges.