{"id":22394846,"url":"https://github.com/blakley/binary-exploitation","last_synced_at":"2025-03-26T22:43:08.772Z","repository":{"id":157487702,"uuid":"381928967","full_name":"Blakley/Binary-Exploitation","owner":"Blakley","description":"Binary Game \u0026 Tutorial on how to use Python to brute force and exploit input in a binary. ","archived":false,"fork":false,"pushed_at":"2021-08-18T21:09:01.000Z","size":766,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-01T04:27:32.396Z","etag":null,"topics":["binary-exploitation","c","ctf-challenges","gdb","python-gdb","python3"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Blakley.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-01T06:12:47.000Z","updated_at":"2021-08-18T21:09:03.000Z","dependencies_parsed_at":"2023-05-05T10:03:39.710Z","dependency_job_id":null,"html_url":"https://github.com/Blakley/Binary-Exploitation","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Blakley%2FBinary-Exploitation","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Blakley%2FBinary-Exploitation/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Blakley%2FBinary-Exploitation/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Blakley%2FBinary-Exploitation/manifests"
,"owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Blakley","download_url":"https://codeload.github.com/Blakley/Binary-Exploitation/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245749800,"owners_count":20666084,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["binary-exploitation","c","ctf-challenges","gdb","python-gdb","python3"],"created_at":"2024-12-05T05:11:55.831Z","updated_at":"2025-03-26T22:43:08.754Z","avatar_url":"https://github.com/Blakley.png","language":"C","readme":"#  Binary Exploitation\n\nA tutorial on using Python to test various input in an executable\nRun the executable and try to solve it yourself. \u003c/br\u003eComplete the solver to finish levels 2 through 5!\n\n[![solver.gif](https://s6.gifyu.com/images/solver.gif)](https://gifyu.com/image/y1Bb)\n\n## Included\n\n* Blakley's Game: The binary game that you can download and try to beat\n* A custom python solver for level 1 of the game\n\n## Dependencies\n\nHave both GDB and Python installed then install the following\n```\n$ pip install gdb\n```\n\n## Working with the custom Python Solver\n\n* Navigate to the /src directory\n* run the following:\n* `gdb ./game`\n* `source solver.py`\n* `start`\n\n## Understanding the Python Solver\n\nThe purpose of the solver is to show you how you can use the gdb module in Python, to brute force input within an executable.\nHowever, there are more effective ways to complete each level in the game. 
Namely, you can simply use gdb, set breakpoints, and step through the \nassembly to understand the code and retrieve the input that's expected. \n\nNonetheless, there exist some situations where testing multiple values is the best method. This is shown in level 3 of the game.\nLevel 3: Password Guessing, asks you to input my \"not so secure\" secure password to continue. The best approach here would be to use a password list and feed the program\neach password until you've solved the level.\n\nLet's take a look at how this is achieved:\n* To start, we need to register our custom `gdb` command. In our Python script, we've created a command `start` that will run our `Level_1`\n  function solver. \n\n* Next, let's take a look at the Level_1 Solver. We first set a few breakpoints to know if we've successfully found the answer. \n  - (line 14 of solver.py) `gdb.execute('b failed')` Here we set a breakpoint at a point where we know our input has failed.\n  - (line 15 of solver.py) `gdb.execute('b level_2')` Here we set a breakpoint where we know our input was correct and we are moving to the next level.\n\nWith our breakpoints set, we can now feed the binary answers until a breakpoint is hit.\n\n* Next, we can move on to passing input to the binary.\n  - We will use a `file` that we'll call `answers.txt`. This will contain our answers, separated by a newline, for each level.\n  - We open the file in Python and loop through the list of inputs we are testing. Then, we append and run the program with each input.\n  - After testing a single input, we call a function `test()` that will execute the command `gdb.execute(\"info b 2\", False, True)`.\n    This command determines if the breakpoint we set for a successful input was hit. 
If it is, then we know we've found the answer.\n\n## Deployment\nTo run the game, open up a unix shell and run the following\n```\n$ chmod +x game\n$ ./game\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblakley%2Fbinary-exploitation","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fblakley%2Fbinary-exploitation","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblakley%2Fbinary-exploitation/lists"}