This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
course_on_offensive_technologies_2014 [2016/08/29 18:38] fabio.massacci@unitn.it [Past Projects] |
course_on_offensive_technologies_2014 [2021/01/29 10:58] (current) |
||
---|---|---|---|
Line 84: | Line 84: | ||
| | For 12 credits create a Return-Oriented-Programming (ROP) exploit for one vulnerability | Choose one of the two vulnerabilities for which you have already an exploit and write a ROP exploit for it | | | | | For 12 credits create a Return-Oriented-Programming (ROP) exploit for one vulnerability | Choose one of the two vulnerabilities for which you have already an exploit and write a ROP exploit for it | | | ||
| | For 18 credits create a ROP exploit for two vulnerabilities | | | | | | For 18 credits create a ROP exploit for two vulnerabilities | | | | ||
- | ===== Other Material ====== | + | ===== Past Projects ===== |
+ | |||
+ | Here we report a selection of past projects successfully pursued by students. The developed exploits are also available upon direct request to the course teachers. | ||
+ | |||
+ | * Francesco LaSpina: {{:teaching:offtech:2014:report_la_spina_168100.pdf| ROP Exploit (1) CVE-2011-3659 + Snort detection, Integer overflow exploit CVE-2013-0750}} | ||
+ | * Davide Martintoni: {{:teaching:offtech:2014:appsecprj_report-_rev2015-01.pdf|Heap overflow CVE-2009-3373}} + {{:teaching:offtech:2014:martintonidavide_secondexploit_v3.pdf|ROP Exploit (2) CVE-2011-3659}} | ||
+ | |||
+ |