From 4d2b9609717eb58a8178e8b550c80c5e18d2ad63 Mon Sep 17 00:00:00 2001
From: Ward Wouts
Date: Wed, 15 Feb 2023 11:09:42 +0100
Subject: [PATCH] Make exploitation workflow explicit
---
 index.html | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
diff --git a/index.html b/index.html
index 7aa66bb..31f0d45 100644
--- a/index.html
+++ b/index.html
@@ -322,6 +322,21 @@ x86 is a **little-endian** architecture
 ]
 ---
 template: inverse
+# Exploitation workflow
+---
+.left-column[
+## Exploitation workflow
+]
+.right-column[
+- Find input to overflow
+- Figure out exact needed length for overflow to overwrite return address
+- Place shellcode in memory, ideally with a NOP-sled in front
+- Figure out shellcode location
+- Use overflow to point the return address at shellcode/NOP-sled
+  - Do take endianness into account
+]
+---
+template: inverse
 # Demo
 ---
 .left-column[