Skip to content

Ingenuity-Fainting-Goats/damn-vulnerable-tiny-web-server

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits

.github/workflows

.github/workflows

 
 

lab1

lab1

 
 

lab2

lab2

 
 

lab3

lab3

 
 

README.md

README.md

 
 

Repository files navigation

Damn Vulnerable Tiny Web Server

A deliberately insecure webserver for learning purpose, this project is a binary exploiting lab based on public source code https://github.com/shenfeng/tiny-web-server

Binary Exploiting Techniques (x86 - 32bit)

  • lab1/ - Stack Buffer Overflow - Basic
  • lab2/ - Return to Libc - NX bypass
  • lab3/ - Return Oriented Programming with execve() payload - NX bypass + ASLR bypass (compiled static)

What

Every labs has the same vulnerable webserver binary running on docker container, try to navigate through single labs and follow instructions. Following learning objectives will be covered:

  • Stack Buffer Overflow basics
  • Return-into-libc exploiting technique
  • Return-oriented-programming exploiting technique
  • NX & ASLR bypass exploiting technique
  • AddressSanitizer tool
  • SPIKE fuzzer
  • etc.. etc...

Why

  • For fun and (no) profit
  • Learn, Learn, Understand, Fail and Learn Again.

Author

  • rhpco - Alessandro B. - twitter.com/rhpco
  • dgui17 - Giovanni

About

Damn Vulnerable Tiny Web Server - A deliberately insecure webserver for learning purpose

Topics

security reverse-engineering exploit-exercises exploiting-vulnerabilities exploit-development

Resources

Readme
Activity
Custom properties

Stars

6 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages