System Hacking

10.0

(6)

Tier 1 Easy Skill Path System Hacking

Learn fundamental memory corruption vulnerabilities in system hacking. Completing this Path will give you the foundational skills for understanding vulnerabilities, as well as analyzing and exploiting vulnerabilites targeting binaries.

42 hours read

49 courses

8 Labs

26 challenges

17 quizzes

Easy, Easy

Contains machine-translated lectures

0% Completed Total 0 completed

Lecture 0 /49

Excluded

Wargame 0 /26

Quiz 0 /17

You can access locked objectives by upgrading your plan or purchasing the units separately.

The Lab is a practice and is not included in the overall progress.

Why It's Worth Your Time

System security can feel overwhelming at first, but with a step-by-step approach, it becomes a highly rewarding field to explore. This Path is designed to help learners interested in system hacking build their skills gradually, starting from fundamental vulnerabilities like stack buffer overflows. By practicing, thinking critically, and solving problems along the way, you'll naturally develop a strong understanding of core concepts and principles of system security. This Path will equip you with both solid foundations and practical skills in system hacking. This Path is explained based on the x86-64 architecture of the Ubuntu 22.04/18.04 Linux operating system.

Topics Covered

Setting up and using real Linux environments with virtual machines and WSL
Deep understanding of computer architecture and memory structures: x86 assembly, memory layout, and calling conventions
Vulnerability analysis and exploitation using gdb and pwntools
Hands-on exercises with key memory vulnerabilities: Stack Buffer Overflow, Format String Bug, Use-After-Free, Double Free
Analysis and bypassing of security mitigations: NX, ASLR, PIE, RELRO
Logical vulnerability analysis such as command injection, path traversal, and type errors

Recommended For

Those who want a clear understanding of system hacking and security principles
Aspiring CTF participants who want to build real-world exploitation skills
Future white-hat hackers, security engineers, or vulnerability analysts

Prerequisite Knowledge

Basic computer skills
Basic understanding of computer components and how computers work
Programming experience with C or C++

Unit Composition

Total 19 units

1

Environment Setup for Linux

9.7
(888)

Tier 0 Beginner

Environment Setup for Linux

9.7
(888)

Tier 0 Beginner

Learn how to set up a Linux environment on Apple Silicon Mac and Windows.

1 courses 1

Environment Setup for Linux

Environment Setup for Linux
2

Computer Architecture Basics

9.6
(592)

Tier 0 Easy

Computer Architecture Basics

9.6
(592)

Tier 0 Easy

Explore computer architecture and x86-64 ISA fundamentals.

1 courses 1

1 quizzes 1

Computer Architecture Basics

Background: Computer Architecture

Quiz: Computer Architecture
3

Linux Memory Layout

9.8
(346)

Tier 0 Easy

Linux Memory Layout

9.8
(346)

Tier 0 Easy

Learn about the memory structure of Linux processes.

1 courses 1

1 quizzes 1

Linux Memory Layout

Background: Linux Memory Layout

Quiz: Linux Memory Layout
4

x86 Assembly

9.7
(276)

Tier 0 Easy

x86 Assembly

9.7
(276)

Tier 0 Easy

Learn the fundamentals of assembly language for the x86-64 architecture.

2 courses 2

3 quizzes 3

x86 Assembly

x86 Assembly🤖: Essential Part(1)

x86 Assembly🤖: Essential Part(2)

Quiz: x86 Assembly 1

Quiz: x86 Assembly 2

Quiz: x86 Assembly 3
5

GDB

9.9
(151)

Tier 0 Easy

GDB

9.9
(151)

Tier 0 Easy

Explore the use of GDB and pwndbg for debugging in Linux environments.

2 courses 2

1 Labs 1

1 quizzes 1

1 challenges 1

GDB Installation

GDB

Free Trial
Lab: GDB - Guess Value

Quiz: GDB

[Exercise] GDB

Exercise: GDB

Exercise: GDB
6

pwntools Basics

9.9
(120)

Tier 0 Easy

pwntools Basics

9.9
(120)

Tier 0 Easy

Learn how to use pwntools, a versatile tool widely used across various security fields.

3 courses 3

1 quizzes 1

2 challenges 2

pwntools Basics

Pwntools Basics

Quiz: pwntools

[Exercise] pwntools 1

Exercise: Pwntools 1

addition-quiz

[Exercise] pwntools 2

Exercise: Pwntools 2

flag-shop
7

Shellcode

9.8
(99)

Tier 0 Medium

Shellcode

9.8
(99)

Tier 0 Medium

Learn about shellcode used in system hacking and how to write your own.

2 courses 2

1 quizzes 1

1 challenges 1

Shellcode

Exploit Tech: Shellcode

Quiz: Shellcode

[Exercise] shell_basic

Exercise: shell_basic

shell_basic
8

Calling Convention

9.7
(126)

Tier 0 Easy

Calling Convention

9.7
(126)

Tier 0 Easy

Understanding calling conventions.

1 courses 1

1 quizzes 1

Background: Calling Convention

Background: Calling Convention

Quiz: Calling Convention
9

Stack Buffer Overflow

9.9
(77)

Tier 0 Medium

Stack Buffer Overflow

9.9
(77)

Tier 0 Medium

Explore stack buffer overflow vulnerabilities.

4 courses 4

3 Labs 3

3 challenges 3

Stack Buffer Overflow

Memory Corruption: Stack Buffer Overflow

Lab: Stack Buffer Overflow - Auth Overwrite

Pro

Lab: Stack Buffer Overflow - Memory Leak

Pro

Lab: Stack Buffer Overflow - Change Control Flow

Pro

[Exercise] Stack Buffer Overflow

Exploit Tech: Return Address Overwrite

Return Address Overwrite

[Exercise] Stack Buffer Overflow - 2

Exercise: basic_exploitation_001

Exercise: basic_exploitation_000

basic_exploitation_000

basic_exploitation_001
10

Stack Canary

9.9
(58)

Tier 1 Medium

100 Coin

Stack Canary

9.9
(58)

100 Coin

Tier 1 Medium

Explore stack buffer overflow attacks, stack canaries, and techniques to bypass them.

3 courses 3

1 Labs 1

1 quizzes 1

2 challenges 2

Stack Canary

Mitigation: Stack Canary

Lab: Stack Canary

Pro

Quiz: Stack Canary

[Exercise] Stack Canary

Exploit Tech: Return to Shellcode

Exercise: ssp_001

Return to Shellcode

ssp_001
11

Bypassing NX & ASLR

9.9
(47)

Tier 1 Medium

200 Coin

Bypassing NX & ASLR

9.9
(47)

200 Coin

Tier 1 Medium

Understand how NX and ASLR work as mitigation techniques, and explore ROP (Return-Oriented Programming) as a method to bypass them.

6 courses 6

1 quizzes 1

4 challenges 4

NX & ASLR

Mitigation: NX & ASLR

Static Link vs. Dynamic Link

Background: Library - Static Link vs. Dynamic Link

Quiz: Static Link vs. Dynamic Link

[Exercise] Return to Library

Exploit Tech: Return to Library

Return to Library

[Exercise] Return Oriented Programming

Exploit Tech: Return Oriented Programming

rop

[Exercise] Return Oriented Programming - 2

Exploit Tech: ROP x86

Exploit Tech: ROP x64

basic_rop_x64

basic_rop_x86
12

Bypassing PIE & RELRO

9.9
(35)

Tier 1 Medium

150 Coin

Bypassing PIE & RELRO

9.9
(35)

150 Coin

Tier 1 Medium

Learn how PIE and RELRO function as mitigation mechanisms, and explore bypass techniques using hook overwriting and One Gadget exploitation.

5 courses 5

2 quizzes 2

3 challenges 3

PIE

Background: PIE

Quiz: PIE

RELRO

Background: RELRO

Quiz: RELRO

[Exercise] Hook Overwrite

Exploit Tech: Hook Overwrite

fho

[Exercise] Hook Overwrite - 2

Exercise: hook

Exercise: oneshot

oneshot

hook
13

Out-of-Bounds (OOB)

9.8
(33)

Tier 1 Easy

50 Coin

Out-of-Bounds (OOB)

9.8
(33)

50 Coin

Tier 1 Easy

Understand Out-of-Bounds (OOB) vulnerabilities caused by out-of-range array access and learn how they can be exploited.

2 courses 2

1 quizzes 1

1 challenges 1

Out of bounds

Memory Corruption: Out of Bounds

Quiz: Out of Bounds

[Exercise] Out of Bounds

Exploit Tech: Out of bounds

out_of_bound
14

Command Injection - C Language

9.9
(34)

Tier 1 Easy

50 Coin

Command Injection - C Language

9.9
(34)

50 Coin

Tier 1 Easy

Explore command injection vulnerabilities and how to prevent them.

2 courses 2

1 challenges 1

Command Injection - C Langauge

Logical Bug: Command Injection

[Exercise] Command Injection

Exploit Tech: Command Injection

cmd_center
15

Path Traversal - C Language

9.7
(42)

Tier 1 Easy

50 Coin

Path Traversal - C Language

9.7
(42)

50 Coin

Tier 1 Easy

Explore Linux file system path concepts and path traversal vulnerabilities.

1 courses 1

Path Traversal - C Language

Logical Bug: Path Traversal
16

Type Error - C Language

9.9
(27)

Tier 1 Easy

50 Coin

Type Error - C Language

9.9
(27)

50 Coin

Tier 1 Easy

Learn the importance of data types in C and how improper usage can lead to security vulnerabilities.

2 courses 2

1 challenges 1

Type Error

Logical Bug: Type Error

[Exercise] Type Error

Exploit Tech: Type Error

sint
17

Use-After-Free (UAF)

9.3
(30)

Tier 1 Easy

50 Coin

Use-After-Free (UAF)

9.3
(30)

50 Coin

Tier 1 Easy

Explore how ptmalloc2 manages memory, then learn about the Use-After-Free vulnerability and how to exploit it.

3 courses 3

1 quizzes 1

1 challenges 1

ptmalloc2

Background: ptmalloc2

Quiz: ptmalloc2

Use-After-Free

Memory Corruption: Use After Free

[Exercise] Use-After-Free

Exploit Tech: Use After Free

uaf_overwrite
18

Double Free Bug

9.7
(19)

Tier 1 Medium

150 Coin

Double Free Bug

9.7
(19)

150 Coin

Tier 1 Medium

Explore double free bug and tcache poisoning techniques in heap exploitation.

4 courses 4

1 Labs 1

1 quizzes 1

3 challenges 3

Double Free Bug

Memory Corruption: Double Free Bug

Lab: Double Free Bug - Tcache

Pro

Quiz: Double Free Bug

[Exercise] Double Free Bug

Exploit Tech: Tcache Poisoning

Tcache Poisoning

[Exercise] Double Free Bug - 2

Exercise: tcache_dup

Exercise: tcache_dup2

tcache_dup2

tcache_dup
19

Format String Bug

10.0
(14)

Tier 1 Medium

100 Coin

Format String Bug

10.0
(14)

100 Coin

Tier 1 Medium

Explore format string bugs, their exploitation, and practical exercises.

4 courses 4

2 Labs 2

1 quizzes 1

3 challenges 3

Format String Bug

Memory Corruption: Format String Bug

Lab: Format String Bug - Memory Read

Pro

Lab: Format String Bug - Memory Write

Pro

Quiz: Format String Bug

[Exercise] Format String Bug

Exploit Tech: Format String Bug

Format String Bug

[Exercise] Format String Bug - 2

Exercise: basic_exploitation_002

Exercise: basic_exploitation_003

basic_exploitation_002

basic_exploitation_003