Material and examples used during a guest lecture I gave as part of the CSE545 class at ASU.
Slides available at: docs.google.com/presentation/d/13SDNRKHblo2xenczp9m6rQahigtwygmUcrBhZ-G3gvo .
Recording is available on YouTube .
Sources are located under source/, and the binaries will be built in build/ using make.
| program | usage | exploit |
|---|---|---|
vex_and_cfg |
./vex_and_cfg |
N/A |
command_line_injection |
./command_line_injection /tmp |
./command_line_injection "/tmp; whoami" |
buffer_overflow_strcpy |
./buffer_overflow_strcpy AAA |
./buffer_overflow_strcpy $(python -c 'print("a"*10)') |
Scripts using angr are in examples/.
Note: I wrote a blog post to help write function handlers: Handle function calls during static analysis in angr .