The course is focused on comprehensive coverage of software exploitation. It will present different domains of code exploitation and how they can be used together to test the security of an application. Participants will learn about different types and techniques of exploitation, use debuggers to create their own exploits, and understand the protection mechanisms of operating systems and how they can be bypassed.
The course is heavily hands-on. Reference material will be provided for further reading on the concepts covered. This class is all hands-on, from the word Go! Only code and exploitation techniques are what you will take home.
Course Outline
- Types of Exploitation
  - Stack Buffer Overflow
  - Heap Overflow
- Introduction to Debuggers
  - Immunity Debugger
  - Live Exploitation demo
- Windows Exploitation – Walkthrough for a sample application
  - Fuzzing – Triggering the vulnerability
  - Crafting the attack string
  - Return to stack vs. Return through registers
  - Break-point debugging
  - Creating the payload
  - Shellcode basics
  - Different Types of Payloads
- Exploiting with Structured Exception Handlers (SEH)
- ActiveX Exploitation
- Exploit Protection Mechanisms
  - GS Cookie
- Introduction to Linux Exploitation
  - Basics of the GDB Debugger
  - Return-to-libc technique
Who should attend?
- Information Security Professionals
- Anyone with an interest in understanding exploit development
- Ethical Hackers and Penetration Testers looking to upgrade their skill-set to the next level
Upon completion of this course, participants will be able to:
- Understand how exploits work and the different types of software exploitation techniques
- Understand the exploit development process
- Search for vulnerabilities in closed-source applications
- Write their own exploits for vulnerable applications
Prerequisites
- Working knowledge of the Windows and Linux operating systems
- Working knowledge of scripting languages like Ruby or Python
- Basics of x86 Assembly
- Comfortable with command-line utilities
What to bring
- Bring your own Laptop
- Bring the latest available version of VMware Player, installed on your system.
- Have administrative rights on this system.
- The laptop should have at least 3GB of RAM in total.
What to expect
- Calc.exe popping up everywhere!
- Two days of debugging and disassembling.
- Only place where *pointers are not the ideal ones.
What not to expect
- Anything not related to Exploit Development
- Theory and Slides!
About the Trainer
Omair is a security professional with 6 years of experience in Penetration Testing and Vulnerability Assessment. He is an active exploit developer and a regular trainer for such courses.
His core interest lies in discovering vulnerabilities. A few of his findings are listed below:
- GDI+ Record Type Vulnerability (CVE-2012-0165)
- Excel SXLI Record Memory Corruption Vulnerability (CVE-2012-0184)
- Excel File Format Memory Corruption in OBJECTLINK Record Vulnerability (CVE-2012-0142)
- Excel File Format Memory Corruption Vulnerability (CVE-2012-0141)
- Google Chrome - Memory corruption in Skia (CVE-2011-3065)