In this talk, Zeng Yihui gave a great talk about attacking format string bugs. He started from explaining buffer overflow, ROP and other basic knowledges. In combination with demo and exercises, he showed us some advanced techniques for exploiting format string vulnerabilities.
You can download slides and codes for review.
Under the permission of the speaker, we also recorded a video of this awesome talk.