This is a collection of exploits for a simplified fork of the tiny http webserver https://github.com/shenfeng/tiny-web-server , known to have a buffer overflow.
The goal is to showcase the evolution of memory safety mitigations and exploitation techniques over the years, in a semi-realistic environment.
The webserver has been compiled four times, with increasing levels of memory protections. For every version, I've written an exploit that defeats the mitigations and launches a remote shell:
- tiny.1996 : no protections. Compiled statically, with an executable stack and no canaries like it's 1996
- tiny.canary: executable stack, but with stack canaries enabled
- tiny.nx: both canary and nx protection active
- tiny.all: all protections active: canary, nx, ASLR, relro
strace -f ./bin/tiny.all
python expl_all.py
./debug.sh