2025-07-02, 09:15–12:15 (Europe/Paris), Room LW109
ROP (Return-Oriented Programming) is an essential technique for exploiting modern binary executables. The ROPEmporium website (https://ropemporium.com/), developed by Max Kemper, features a series of step-by-step exercises designed to help you discover the ROPEmporium progressively.
The workshop offers a shared experience of these exercises.
During this workshop, we'll work together to solve some of the exercises on the site.
The aim is to give you enough theoretical and practical knowledge to be able to extend the experience by doing all the exercises proposed afterwards.
The site offers exercises on Intel x86-64, x86-32, ARM and MIPS executables.
After a presentation of the platform and the main concepts involved in ROP, you'll be able to learn from the exercises:
- Get to grips with the tools to discover an initial function calling technique.
- Call a function with a parameter already present in the executable.
- Master the convention of passing parameters for more complex calls.
- Learn how to place some data in memory and pass it as a parameter.
- Search for usable gadgets when the most obvious are not available.
- Finally, we'll create a slightly more complex ROP chain using a pivot technique.
As an epilogue, if time permits, we'll take a look at ARM binary exploitation with qemu, to encourage you to extend the experience.
The workshop is ideally aimed at people familiar with x86 assembly and the basics of binary exploitation through buffer overflows.
To carry out the exercises, you will need a Linux machine with the following open-source tools:
- gdb
- a gdb extension such as GEF or pwndbg
- python3
- pwntools
- radare2
- ropper or ROPgadget
and optionally:
- 32-bit libraries (libc6-i386)
- qemu
It is also possible to follow the workshop without carrying out all (or any) of the hands-on steps during the session, and to focus instead on the explanations and exchanges.
Computer engineer since 1985 and in security since around 1995