# Assignment 3 - Binary Exploitation

### Description

This assignment will focus on the exploration of vulnerabilities in software projects, and the creation of detailed reports with the findings. For this purpose, we provide a custom application with a reasonable amount of vulnerabilities organized in levels. There are a total of 10 levels, each exploring a specific aspect of handling binaries and developing exploits for binaries. The application is provided with the source code, and must be compiled. Be aware that some levels are dependent of the actual content of the binary. If you add code, some things may become broken.

A similar version of the application is available at 10.110.2.100 port 5000. You can connect to it using netcat nc 10.110.2.100 5000. This version is exactly the same as the one produced in your system. However, you cannot control aspects such as ASLR. A final “flag” is available in the server, available after completing the last level.

For each level addressed, the report should describe why it exists, and how it was exploited. We recommend that you create a report with screenshots and scripts used. The use of pwntools is advised as it may simplify interaction with the process.

The project should to be implemented by a group of 3 students, and MUST reside in a private repository in the github/detiuaveiro organization, using the Github Classroom functionality (this is mandatory).

### Resources

The application is available here.

The Makefile provides several actions:

• main: compiles the application. This is adequate for development in your system, but unless you are using the same version as the remote server, libc offsets will be wrong.
• docker: compiles the application in a docker environment, leaves the container running, and pulls both the main and libc-2.33.so files.
• keys: each level will present a key, which will be related to your name. This action will create new keys.

Files such as flag.txt and password1.txt will be different in the remote server.