Windows & Linux Binary Exploitation (On-site Training)
In this hands-on two day workshop, the participants will learn about the fundamentals of low level software exploitation on modern Linux and Windows systems.
Participants will get an introduction into the x86 architecture in general and the characteristics of Windows and Linux operating systems. After initial exercises involving the exploitation of classic stack based buffer overflows, modern defense mechanism such as DEP and ASLR are presented and analyzed for weaknesses. The participants will learn how these defense mechanisms can be bypassed and will develop exploits targeting real world applications.
This is an exercise heavy course. Attendees should be prepared to spend a lot of time inside a debugger, calculating memory addresses, and watching their exploits crash the software.
Who should attend this training? - IT Security professionals that are interested to learn more about low-level security and want to understand the meaning of SEH, ROP, ASLR, GS, NX, and DEP. Basic experience with a scripting language such as Python or Ruby is recommended.
Prerequisites - Basic understanding of Linux and Windows operating systems. - Basic experience with a scripting language such as Python or Ruby.
Requirements - A laptop computer capable of running a Windows 7 and Ubuntu VM. At least 4GB of memory and 40GB of free disk space. - VT-x should be enabled in BIOS/UEFI to ensure that 64-bit virtual machines can be run.