Stack canaries are a mitigation technique used to prevent stack smashing attacks (classic stack-based buffer overflows). However, they can be circumvented via a variety of techniques, depending on the environment and the vulnerable binary.
What you will learn
After completing this scenario, you will know how to defeat stack canaries by leaking the value of the canary when the server is in fork mode and certain conditions apply.
It is highly advised to have a general understanding of classic stack-based buffer overflows and how to bypass mitigations such as non-executable stacks (NX bit) and ASLR. To become familiar, you can complete the scenarios Binary Exploitation 101 - 106.
This scenario contains one virtual machine running a binary over the network in a Docker container.
You are highly advised to read this blog post (all credits to the author) before proceeding. https://made0x78.com/bseries-defeat-stack-cookies/
The following is also a very good reference for defeating stack canaries: http://security.cs.rpi.edu/courses/binexp-spring2015/lectures/19/11_lecture.pdf
- TIME: 240 MINUTES
- COST: 10 CRYSTALS