├── README.md ├── images ├── MyControllerHpp.png ├── checksec.png ├── docker-up-nc.png ├── exploit-final.png ├── intro-chall-description.png ├── intro-dist-files.png ├── intro-jailcfg.png ├── ios-break-aslr.png ├── read-proc-mappings.png └── source-code-folder.png └── resources ├── analyze_mappings.py ├── dist-guess-god ├── .dockerignore ├── Dockerfile ├── bins │ ├── flag_server-exe │ └── libkylezip.so ├── docker-compose.yml ├── flag.txt ├── jail.cfg ├── nsjail.sh ├── pow.py ├── server.py ├── setup.sh └── src │ ├── .gitignore │ ├── CMakeLists.txt │ ├── kylezip │ ├── README │ ├── decompress.c │ ├── decompress.h │ └── test │ │ └── kyle.c │ ├── src │ ├── App.cpp │ ├── AppComponent.hpp │ ├── controller │ │ ├── MyController.cpp │ │ └── MyController.hpp │ └── dto │ │ └── DTOs.hpp │ ├── test │ ├── MyControllerTest.cpp │ ├── MyControllerTest.hpp │ ├── app │ │ ├── MyApiTestClient.hpp │ │ └── TestComponent.hpp │ └── tests.cpp │ └── utility │ └── install-oatpp-modules.sh ├── guess-god.zip ├── reliable_exploit.py └── x.py /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/README.md -------------------------------------------------------------------------------- /images/MyControllerHpp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/MyControllerHpp.png -------------------------------------------------------------------------------- /images/checksec.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/checksec.png -------------------------------------------------------------------------------- /images/docker-up-nc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/docker-up-nc.png -------------------------------------------------------------------------------- /images/exploit-final.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/exploit-final.png -------------------------------------------------------------------------------- /images/intro-chall-description.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/intro-chall-description.png -------------------------------------------------------------------------------- /images/intro-dist-files.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/intro-dist-files.png -------------------------------------------------------------------------------- /images/intro-jailcfg.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/intro-jailcfg.png -------------------------------------------------------------------------------- /images/ios-break-aslr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/ios-break-aslr.png -------------------------------------------------------------------------------- /images/read-proc-mappings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/read-proc-mappings.png -------------------------------------------------------------------------------- /images/source-code-folder.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/images/source-code-folder.png -------------------------------------------------------------------------------- /resources/analyze_mappings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/analyze_mappings.py -------------------------------------------------------------------------------- /resources/dist-guess-god/.dockerignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/.dockerignore -------------------------------------------------------------------------------- /resources/dist-guess-god/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/Dockerfile -------------------------------------------------------------------------------- /resources/dist-guess-god/bins/flag_server-exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/bins/flag_server-exe -------------------------------------------------------------------------------- /resources/dist-guess-god/bins/libkylezip.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/bins/libkylezip.so -------------------------------------------------------------------------------- /resources/dist-guess-god/docker-compose.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/docker-compose.yml -------------------------------------------------------------------------------- /resources/dist-guess-god/flag.txt: -------------------------------------------------------------------------------- 1 | buckeye{this_is_a_fake_flag} 2 | -------------------------------------------------------------------------------- /resources/dist-guess-god/jail.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/jail.cfg -------------------------------------------------------------------------------- /resources/dist-guess-god/nsjail.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/nsjail.sh -------------------------------------------------------------------------------- /resources/dist-guess-god/pow.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/pow.py -------------------------------------------------------------------------------- /resources/dist-guess-god/server.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/server.py -------------------------------------------------------------------------------- /resources/dist-guess-god/setup.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/setup.sh -------------------------------------------------------------------------------- /resources/dist-guess-god/src/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/.gitignore -------------------------------------------------------------------------------- /resources/dist-guess-god/src/CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/CMakeLists.txt -------------------------------------------------------------------------------- /resources/dist-guess-god/src/kylezip/README: -------------------------------------------------------------------------------- 1 | kylezip is a horrible compression algorithm 2 | 3 | -------------------------------------------------------------------------------- /resources/dist-guess-god/src/kylezip/decompress.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/kylezip/decompress.c -------------------------------------------------------------------------------- /resources/dist-guess-god/src/kylezip/decompress.h: -------------------------------------------------------------------------------- 1 | extern "C" int decompress(const char *fname); 2 | 3 | -------------------------------------------------------------------------------- /resources/dist-guess-god/src/kylezip/test/kyle.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/kylezip/test/kyle.c -------------------------------------------------------------------------------- /resources/dist-guess-god/src/src/App.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/src/App.cpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/src/AppComponent.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/src/AppComponent.hpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/src/controller/MyController.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/src/controller/MyController.cpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/src/controller/MyController.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/src/controller/MyController.hpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/src/dto/DTOs.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/src/dto/DTOs.hpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/test/MyControllerTest.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/test/MyControllerTest.cpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/test/MyControllerTest.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/test/MyControllerTest.hpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/test/app/MyApiTestClient.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/test/app/MyApiTestClient.hpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/test/app/TestComponent.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/test/app/TestComponent.hpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/test/tests.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/test/tests.cpp -------------------------------------------------------------------------------- /resources/dist-guess-god/src/utility/install-oatpp-modules.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/dist-guess-god/src/utility/install-oatpp-modules.sh -------------------------------------------------------------------------------- /resources/guess-god.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/guess-god.zip -------------------------------------------------------------------------------- /resources/reliable_exploit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/reliable_exploit.py -------------------------------------------------------------------------------- /resources/x.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64/HEAD/resources/x.py --------------------------------------------------------------------------------