Today and tomorrow I will attend an Exploit Lab training from Sk. The training is about teaching me how to create an exploit from a buffer overflow, etc. It's a good training to get an idea of how exploit writers find a vulnerability in an application by using reverse engineering. Really glad that I can join and learn this training from Sk for free. This training has also been presented at BlackHat USA 2007 and at HITBSecConfKL2007. If you are interested in joining this training at HITBSecConfKL2007, click here for more details.
Overview:
This workshop introduces how buffer overflow vulnerabilities arise in programs and how they get exploited. It takes you deep inside how programs are loaded and executed in memory, how to spot buffer overflow conditions, and how exploits are constructed for those conditions. By exposing the inner mechanisms of such exploits, you learn how to prevent such vulnerabilities from arising in the first place.
The workshop covers analysis of stack overflows, heap overflows and format string vulnerabilities. Examples of vulnerabilities are provided on both the Windows and the Unix platform. The class is highly hands-on and very lab intensive. The labs provide real-life examples of programs containing vulnerabilities, and participants are required to analyse and exploit them.
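To make the "spot the overflow condition" idea concrete before the labs, here is an added example in C (mine, not the workshop's lab material and not code from Sk): the classic stack overflow pattern, a bounded replacement of the kind the "secure coding practices" objective refers to, and a small helper that computes by how many bytes a given input overruns a given buffer. The names vuln_greet, safe_copy, overflow_bytes and probe64_len, the 64-byte buffer size, and the 100-byte input are all assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not part of the workshop's lab material.
 * The classic stack overflow condition: a fixed-size buffer on the stack
 * is filled by strcpy(), which copies until it finds a NUL and never looks
 * at the destination size. Input longer than sizeof(buf) - 1 runs past the
 * buffer into the saved frame pointer and return address stored above it;
 * that is the condition an exploit turns into control of the instruction
 * pointer. Only ever call this with a short, trusted string. */
void vuln_greet(const char *name) {
    char buf[64];
    strcpy(buf, name);            /* no bound check: the vulnerability */
    printf("hello, %s\n", buf);
}

/* How many bytes a NUL-terminated input of length n overruns a buffer of
 * size bufsz; 0 when it fits, terminator included. */
size_t overflow_bytes(size_t bufsz, size_t n) {
    return (n + 1 > bufsz) ? (n + 1 - bufsz) : 0;
}

/* Hardened form: the destination size is part of the contract. Input that
 * would not fit is refused rather than silently truncated (truncation can
 * itself cause logic bugs, e.g. a path or command cut mid-token).
 * Returns the number of bytes copied, or -1 if the input was refused. */
int safe_copy(char *dst, size_t dstsz, const char *src) {
    size_t n = strlen(src);
    if (dstsz == 0 || n >= dstsz)
        return -1;
    memcpy(dst, src, n + 1);      /* n + 1 <= dstsz, so this stays in bounds */
    return (int)n;
}

void safe_greet(const char *name) {
    char buf[64];
    if (safe_copy(buf, sizeof buf, name) < 0) {
        fprintf(stderr, "name too long (%zu bytes, max %zu)\n",
                strlen(name), sizeof buf - 1);
        return;
    }
    printf("hello, %s\n", buf);
}

/* Probe the boundary of safe_greet()'s 64-byte buffer: builds a constructed
 * input of n 'A's (n < 200) and returns what safe_copy() says about it. */
int probe64_len(size_t n) {
    char input[200];
    char buf[64];
    if (n >= sizeof input)
        return -1;
    memset(input, 'A', n);
    input[n] = '\0';
    return safe_copy(buf, sizeof buf, input);
}

int main(void) {
    /* Constructed inputs: one that fits, and 100 'A's that would overflow. */
    char attack[101];
    memset(attack, 'A', 100);
    attack[100] = '\0';

    vuln_greet("alice");          /* fine with a short, trusted string */
    safe_greet("alice");
    safe_greet(attack);           /* refused; vuln_greet(attack) would smash the stack */
    printf("100-byte input overruns a 64-byte buffer by %zu bytes\n",
           overflow_bytes(64, 100));
    return 0;
}
```

Note that probe64_len(63) is the last length safe_copy accepts and probe64_len(64) the first it refuses: the terminating NUL needs its own byte, which is exactly the off-by-one the objectives list mentions and that a `<=` written for `<` would reintroduce.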
Who should attend
Pen-testers, developers, just about anyone who wants to understand how exploits work.
Key learning objectives
Understanding error conditions.
Categories of error conditions - stack overflow, heap overflow, off-by-one, format string bugs, integer overflows (this class will deal only with stack, heap and format string)
Unix process memory map
Win32 process memory map
Writing shellcode
Real life exploit construction
Secure coding practices
Kernel level protection mechanisms
Attendees will require:
A working knowledge of operating systems, Win32 and Unix
Ability to compile programs using GCC
Ability to use vi/pico/joe editors
Understanding of C programming would be a bonus
An important note:
This class requires you to sign a code-of-ethics document, which is to ensure appropriate use of such techniques.
:)