{"id":21229858,"url":"https://github.com/sleleu/rainfall","last_synced_at":"2025-09-16T03:59:04.824Z","repository":{"id":187353795,"uuid":"676242708","full_name":"Sleleu/Rainfall","owner":"Sleleu","description":"This project is an introduction to the exploitation of (elf-like) binary.","archived":false,"fork":false,"pushed_at":"2024-01-08T15:14:09.000Z","size":43,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-04T10:26:36.113Z","etag":null,"topics":["42","binary-exploitation","buffer-overflow","cybersecurity"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Sleleu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-08-08T18:52:21.000Z","updated_at":"2024-03-07T15:20:45.000Z","dependencies_parsed_at":"2023-08-10T02:18:40.536Z","dependency_job_id":"927332d7-5666-479d-bc33-5326221f44cd","html_url":"https://github.com/Sleleu/Rainfall","commit_stats":null,"previous_names":["sleleu/rainfall"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Sleleu/Rainfall","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sleleu%2FRainfall","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sleleu%2FRainfall/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sleleu%2FRainfall/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sleleu%2FRainfall/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Sleleu","download_url":"https://codeload.github.com/Sleleu/Rainfall/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sleleu%2FRainfall/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":275358889,"owners_count":25450444,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-16T02:00:10.229Z","response_time":65,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["42","binary-exploitation","buffer-overflow","cybersecurity"],"created_at":"2024-11-20T23:29:59.331Z","updated_at":"2025-09-16T03:59:04.773Z","avatar_url":"https://github.com/Sleleu.png","language":"C","readme":"# About this project\n\nThis is a cybersecurity project of 42 school, following in the footsteps of the [snow-crash](https://github.com/Sleleu/snow_crash) project, aims to familiarize oneself with binary exploitation.\n\nSeveral notions are covered in this project, including:\n\n- Basics of reverse engineering\n- Stack / heap buffer overflow\n- Buffer overflow via environment variables\n- GOT overwrite\n- Format string attack vulnerabilities\n- Use of gdb\n- Understanding assembly (a bit 🙃)\n\n\n```\n\t  _____       _       ______    _ _ \n\t |  __ \\     (_)     |  ____|  | | |\n\t | |__) |__ _ _ _ __ | |__ __ _| | |\n\t |  _  /  _` | | '_ \\|  __/ _` | | |\n\t | | \\ \\ (_| | | | | | | | (_| | | |\n\t |_|  \\_\\__,_|_|_| |_|_|  \\__,_|_|_|\n\n                 Good luck \u0026 Have fun\n\n  To start, ssh with level0/level0 on 10.0.2.15:4242\n```\n\nThis project is presented in the form of a virtual machine with 14 levels available. Each level contains a binary in the user's /home directory. The objective is to exploit this binary in order to progress to the next level.\n\nEach level should have a folder containing:\n\n- The flag that allows access to the user of the next level\n- Source code obtained from the decompiled executable, providing a better understanding of the binary's structure to be exploited\n- A walkthrough describing the steps to successfully exploit it\n\n\nMany challenges, after identifying how to exploit the vulnerability through the debugger, assembly instructions, and decompiled code, will look like this:\n\n```\n(python -c \"print('A' * 76 + '\\x44\\x84\\x04\\x08')\"; cat) | ./binary \u003c== poof 💣\nGood... Wait what? \u003c== 💀\nwhoami\nlevelup\ncat /home/user/levelup/.pass\n{flag} \u003c== 🚩\n```\n\n\n# Ressources\n\nHere are some resources that can be helpful:\n\n### Find offset\n-  https://projects.jason-rush.com/tools/buffer-overflow-eip-offset-string-generator/\n\n### Online decompiler\n- https://dogbolt.org/\n\n### Shellcode used\n- https://shell-storm.org/shellcode/files/shellcode-811.html\n- https://shell-storm.org/shellcode/files/shellcode-752.html\n\n### Buffer overflow basics\n-  https://beta.hackndo.com/buffer-overflow/\n-  https://www.root-me.org/fr/Documentation/Applicatif/Debordement-de-tampon-dans-la-pile\n-  https://repository.root-me.org/Exploitation%20-%20Syst%C3%A8me/Unix/FR%20-%20Stack%20Bug%20-%20Exploitation%20avancee%20de%20buffer%20overflow.pdf\n-  https://www.youtube.com/watch?v=u-OZQkv2ebw (king)\n\n### Assembly basics\n- http://www2.ift.ulaval.ca/~marchand/ift17583/Supplement2.pdf\n\n### Format string attack\n- https://www.unilim.fr/pages_perso/patrick.poulingeas/Enseignements/2004_2005/Master1/FormatString.pdf\n- https://repo.zenk-security.com/Techniques%20d.attaques%20%20.%20%20Failles/Les%20failles%20Format%20String.pdf\n- https://www.re-xe.com/format-string-bugs/\n\n### Got overwrite\n- https://ctf101.org/binary-exploitation/what-is-the-got/\n- https://axcheron.github.io/exploit-101-format-strings/#code-execution-redirect\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsleleu%2Frainfall","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsleleu%2Frainfall","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsleleu%2Frainfall/lists"}