CanSecWest: Security Masters Dojo Vancouver
Practical ARM ExploitationRegister for Course, March 3-5
The purpose of the course is to introduce students with prior basic exploitation experience (on other architectures) to "real world" exploitation scenarios on the ARM processor architecture. The reality is that exploitation these days is harder and a bit more nuanced than it was in the past with the advent of protection mechanisms like XN, ASLR, stack cookies, etc. As such, this course is called "practical" because it aims to teach exploitation on ARM under the real-world circumstances in which the exploit developer will encounter (and have to circumvent) these protection mechanisms. The course materials focus on advanced exploitation topics (circumventing protection mechanisms) using Linux as the platform as a basis to learn the ARM architecture but with the obvious applications being platforms running on mobile phones, tablets, embedded devices, etc.
Our hope is that students with some previous exploitation experience go from knowing nothing about ARM on the first day to exploiting custom heap implementation (bypassing ASLR, NX) using their hand-built ROP connect-back-shell payload on the the last day.
- ARM assembly and reverse engineering
- ARM exploit development
- ARM shellcoding
- Evading ASLR on Linux
- Evading XN on Linux
- Evading Stack Cookies on Linux
- "Application specific exploitation" (pointer overwrites, heap grooming, etc)
- Return Oriented Programming (ROP)
- Advanced ROP
PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.
Prerequisite KnowledgeStudents taking the "Practical ARM Exploitation" course should have an intermediate software exploitation background on another architecture (such as x86). They should have hands-on familiarity with the following concepts:
- Exploitation of stack overflows
- Exploitation of heap overflows
- Basic experience with IDA
- Basic experience with a debugger
- Cursory knowledge of Python or some equivalent high-level scripting language (Java, Ruby, etc)
- C++ and C coding experience
What to bring:
- A laptop (running their favorite OS) capable of connecting to wired and wireless networks.
- An installed valid VMWare
- An installed copy of at least IDA Standard.
- An SSH/Telnet client to access the hosted QEMU images
- A brain.