Announcement

Collapse
No announcement yet.

Workshop Information: Hack to Basics...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Taows
    replied
    Does anyone have an archived file with all downloads and materials from FuzzySecurity tutorials?

    Leave a comment:


  • Taows
    replied
    My students' achieveessays


    Greetings to everyone,
    I teach a course> Buffer Overflows: Attacks and Defenses for the Vulnerability at UT Austin Computer Science dep. Our first modules covered 32-Bit Windows Buffer Overflows (under the guidance of VetSec webmaster and Ashwin Goel,a part-time bug hunter and software developer), now we're moving further and need to cover x86 Windows Based Buffer Overflows.

    Leave a comment:


  • tottenkoph
    started a topic Workshop Information: Hack to Basics...

    Workshop Information: Hack to Basics...

    Title: Hack to Basics - x86 Windows Based Buffer Overflows, an introduction to buffer overflows

    Instructor: Dino Covotsos

    Abstract: Want to learn about exploit development but feeling overwhelmed at all the latest technologies and buzzwords?

    Hack to basics is a course which will provide you with foundational level exploit development skills with real world exploitation techniques. This will range from “Vanilla” EIP overwrites through to Structured Exception Handler(SEH) exploitation and how egg hunters work with practical examples.

    By the end of the course, Students can expect to know the basics of x86 assembly, including some real world examples of exploiting vanilla EIP overwrites, SEH exploitation and using egg hunters. This will provide an entry to the world of exploit development and a strong foundation to work off in order to make it easier to transition to the newer, more advanced technologies which are in place today.

    To get the most out of this training, the following should be studied beforehand:

    FuzzySecurity:
    http://www.fuzzysecurity.com/tutorials/expDev/1.html
    http://www.fuzzysecurity.com/tutorials/expDev/2.html
    http://www.fuzzysecurity.com/tutorials/expDev/3.html
    http://www.fuzzysecurity.com/tutorials/expDev/4.html

    Corelan:
    https://www.corelan.be/index.php/200...sed-overflows/
    https://www.corelan.be/index.php/200...torial-part-2/
    https://www.corelan.be/index.php/200...al-part-3-seh/

    We will be using Python to construct our exploits, combined with a debugger such as Immunity or OllyDBG, it it is recommended to be familiar with both.

    Level: Intermediate/Advanced

    Pre-Requisites: Basic experience in assembly and a debugger, preferably Immunity or Olly.
    2-3 years of penetration testing experience would be beneficial.
    Experience in Kali linux, as this will be used as the primary operating system.

    Required Materials: Laptops with the following specs or greater:

    Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz (or AMD equivalent)
    8GB RAM
    Kali Linux installed (x86 is fine)
    Wireless Network Adapter + Ethernet Adapter
    Virtualbox or equivalent installed
Working...
X