CanSecWest Vancouver 2012

Site menu:

Register | Conference | Dojo | Speakers | Agenda | Slides | Hotel & Travel | Contact

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

Exploit Lab

Register for March 4-6 Course - The Exploit Laboratory
**cannot be taken with any other dojo

Instructor(s):
Saumil Shah

Description

It is 2012 and we are back again with a specially designed Exploit Lab for CanSecWest featuring a 3-day training format. The class is an intermediate to advanced level class, for those curious to dig deeper into the art and craft of software exploitation. The Exploit Lab primarily covers browser, PDF and kernel exploitation on modern day operating systems. We begin with a quick overview of stack overflows, exception handler abuse, memory overwrites, and other core concepts. The class then moves on to use-after-free bugs and vtable overwrites, especially applicable to browser and PDF exploits. The class also spends a lot of time focusing on defeating modern day exploit mitigation techniques like DEP and ASLR using Return Oriented Programming (ROP). And lastly, we cover remote kernel exploitation on Windows.

The Exploit Laboratory requires a lot of hands on work. Lab examples used in this class cover Linux and Microsoft Windows platforms, featuring popular third party applications and products instead of simulated lab exercises.

As with the popular Exploit Laboratory, all topics are delivered in a down-to-earth, learn-by-example methodology. The same trainers who brought you The Exploit Laboratory for over six years have been working hard in putting together advanced material based on past feedback.

THE EXPLOIT LAB BLOG: http://blog.exploitlab.net
OUR TWITTER STREAM: @exploitlab

Topics

• Stack Overflows (Linux and Windows)
• Abusing Structured Exception Handlers on Windows
• Use-after-free bugs and vtable overwrites
• Browser Exploits
• PDF Exploits
• Defeating DEP using Ret2LibC
• Introduction to Return Oriented Programming
• ROP gadgets and stack flips.
• ROP shellcode loaders
• Practical ROP Exploits
• Bypassing ASLR on Windows 7
• Advanced Heap Spray techniques
• Introduction to Kernel Exploitation
• Remote Kernel Exploitation on Windows 7

Daily Class Outline

Day 1 - Breakage

• Introduction to systems concepts
• Using GDB and WinDBG
• Stack overflows on Linux and Windows
• Browser and PDF exploitation
• Use-after-free bugs
• vtable overwrites

Day 2 - Exploit Mitigation Bypass

• Defeating DEP using Ret2LibC
• Introduction to Return Oriented Programming
• ROP gadgets and stack flips.
• ROP shellcode loaders
• Practical ROP Exploits
• Bypassing ASLR on Windows 7

Day 3 - Advanced Techniques and Kernel Exploitation

• Introduction to Kernel Exploitation
• Remote Kernel Exploitation on Windows 7
• Advanced Heap Spray techniques
• Exploit exercises

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

Prerequisite Knowledge

• Have a working knowledge of operating systems, Win32 and Unix.
• Not be allergic to command line tools.
• Use vi/pico/joe editors.
• Have a working knowledge of shell scripts, cmd scripts or Perl.
• Understanding of C programming would be a bonus.

Refresher Materials

Before coming to class, it would be HIGHLY RECOMMENDED to study these three tutorials

• Operating Systems - A Primer
• How Functions Work
• Introduction to Debuggers

Hardware Requirements

• A working laptop (no Netbooks)
• Intel Core 2 Duo x86/x64 hardware (or superior) required
• 4GB RAM required, at a minimum
• Wired or Wireless network card
• 20 GB free Hard disk space

Software Requirements

• Windows XP SP3 / Windows 7 / Linux kernel 2.4 or 2.6 / Mac OS X 10.6 or 10.7 (Intel only)
• VMWare Player, VMWare Workstation, or VMWare Fusion MANDATORY
• Administrator or root access MANDATORY
• Ability to disable Anti-virus / Anti-spyware programs
• Ability to disable host firewall
• Perl 5.8
• An SSH client, such as PuTTY
• Netcat

NOTE: If your laptop is a locked-down company issued laptop, please make sure you have VMWare Workstation or VMWare Player installed by your administrator before you come to class.

NOTE: Please read the above note SERIOUSLY!

Sponsors:

More Information:

Sponsorship Information | Valid XHTML | Valid CSS

Wise words:

"Sen Sen No Waza - to strike the opponent after he has formed the intention to attack and has committed to a specific motion."

Copyright © dragostech.com inc. All Rights Reserved.