Exploring the fundamentals of RISC-V: Assembly and Shellcode Series - Part 1

In the ever-evolving landscape of computer architecture, RISC-V has emerged as a promising and disruptive force. With its open-source nature and elegant design philosophy, RISC-V has garnered significant attention from academia and industry alike. Unlike proprietary architectures, RISC-V is an open-source instruction set architecture (ISA) that provides unrestricted access to its specifications. This openness has spurred innovation, encouraging a flourishing ecosystem of developers, researchers, and companies to contribute to its development. Recent statistics indicate a surge in the adoption of the RISC-V architecture, a testament to its growing popularity. According to industry reports, shipments of RISC-V-based devices reached an astounding 1 billion units in 2022 alone, marking a significant milestone for this emerging technology.

Given the growing popularity of RISC-V in the embedded systems market, it becomes crucial to address the potential security risks associated with the increasing number of devices. This blog post series aims to provide a comprehensive exploration of RISC-V assembly language fundamentals, enabling readers to understand its core concepts and functionality. We will begin by delving into the basics of RISC-V assembly, laying a solid foundation for subsequent discussions. In future blog posts, we will focus on setting up the development environment and tools required for writing and compiling assembly code. Furthermore, we will explore practical examples such as crafting basic shellcode and testing it on simple buffer overflow vulnerabilities. Additionally, we will dive into the creation of various shellcode variations, including shell spawning and reverse TCP shells, to expand our understanding and practical skills in this domain.


Testing Linux Heap exploits on different Glibc versions (with source-level debugging setup)

Recently I have been learning about Linux heap exploitation, and I came across some really good Phrack papers and blogs that explained different types of attacks under varying conditions; I have included links to these blogs and papers in the next section. I also came across an amazing GitHub project, How2Heap by the Shellphish team. This project has example exploit code for various heap exploitation techniques across the different versions of Glibc out there in public, which helped me get a better understanding of how those attacks play out. That project also includes a script to build Glibc with any version of your choice and test the exploit on that version.
