Zero To Leet - Introduction to 64-bit Exploit Development

2 Day Training: August 1, 2

Abstract

Zero to Leet brings you an intense 2-day course featuring a practical hands-on approach to exploit development on 64-bit Linux systems. This class is perfectly suited for students who are new to exploit development and want to break into the field of offensive security.

Our beginner level class kicks off with an introduction to x64 Intel architecture and assembly language, static analysis of vulnerable userland x64 binaries using IDA Pro, and GDB debugging techniques for dynamic analysis. Next, we'll exploit stack-based buffer overflows where we will write shellcode from the ground up to gain code execution. Then we'll bypass exploit mitigation techniques like XN/DEP using Return Oriented Programming (ROP). Labs will be conducted in a virtual environment for analysis and exploitation. Students will leave with the necessary hands-on experience, knowledge, and confidence to discover and exploit 0-day vulnerabilities in modern software.

Suggested Combo: HeapLAB - GLIBC Heap Exploitation, Aug 3, 4

Key Learning Objectives

  • Introduction to the x64 Intel architecture
  • Exploring x64 Intel assembly language
  • Understanding how functions work
  • Static analysis using IDA Pro
  • Debugging and dynamic analysis on 64-bit Linux systems
  • Decompiling binaries using Snowman
  • Understanding common vulnerability classes
  • Exploiting stack buffer overflows
  • Writing shellcode from the ground up
  • Introduction to exploit mitigation techniques like XN/DEP
  • Introduction to Return Oriented Programming
  • Bypassing exploit mitigation using ROP

Who Should Attend

  • Students with little to no experience in how to find and exploit software vulnerabilities
  • Students who want to become security researchers or work in the field of offensive security
  • Students familiar with 32-bit binary exploitation who want to upgrade their skills to 64-bit platforms
  • Bug hunters who want to write exploits for all the crashes they find
  • Members of reverse engineering research teams who want to learn exploit development

Agenda

Day 1:

  • Introduction to the x64 Intel architecture
  • Exploring x64 Intel assembly language
  • EXERCISES - Examples in x64 Intel Assembly Language
  • Understanding how functions work
  • Static analysis of vulnerable 64-bit binaries using IDA Pro
  • Debugging and dynamic analysis on 64-bit Linux systems
  • EXERCISES - Static and Dynamic Analysis labs
  • Introduction to stack-based buffer overflows
  • Exploiting Stack Overflows
  • EXERCISES - Stack Overflow exploitation

Day 2:

  • Writing Shellcode from the ground up
  • Introduction to Exploit Mitigation Techniques (XN/DEP)
  • Introduction to Return Oriented Programming
  • EXERCISES - Bypassing XN/DEP using ROP
  • ROP Tools
  • EXERCISES - Searching for ROP Gadgets
  • ROP Chaining
  • EXERCISES - Exploit featuring ROP Chains

Pre-requisites

  • Have a working knowledge of C programming and Python 2.7
  • Knowledge of computer architecture and x86 is preferred
  • Familiarity with navigating Linux environments and command line knowledge
  • If none of the above apply, then enough patience to go through the pre-class tutorials.

Pre-class Tutorials

The following tutorials have been specially prepared to get students up to speed on essential concepts before coming to class.

Hardware Requirements

  • A working laptop (no Netbooks, no Tablets, no iPads)
  • Intel Core i3 (equivalent or superior) required
  • 8 GB RAM required, at a minimum
  • Wireless network card
  • 40 GB free hard disk space
  • If you're using a new MacBook or MacBook Pro, please bring your dongle-kit (for reading USB-A pen drives)

Software Requirements

  • Linux / Windows / Mac OS X desktop operating systems
  • IDA 7 Freeware. The free version is sufficient.
  • Snowman Decompiler (free download).
  • VMware Workstation or Fusion. The free 30-day trial is sufficient.
  • Ubuntu 14.04 64-bit virtual machine (available for download).
  • Administrator / root access MANDATORY

Students will be provided with

Students will be provided with a USB stick loaded with course slides, sample code, and lab exercises which attendees can take with them to continue learning and practicing after the training ends.

Hahna Latonick


For the past 14 years of her engineering career, Hahna Kane Latonick has worked throughout the defense industry specializing in cybersecurity as a computer security researcher for the Department of Defense and other defense contracting companies. She has been featured as a cybersecurity subject matter expert on Fox Business News, ABC, U.S. News and World Report, and other national media outlets. She has led three tech startups teaching computer security while also serving as CTO of two of them. She has trained and developed security researchers at one of the top five aerospace and defense industry companies. She has also taught at the Security BSides Orlando conference. In 2014, she became a DEFCON CTF finalist, placing 6th and ranking in the top 1.5% of ethical hackers worldwide. She also holds CISSP and CEH certifications. Latonick attended Swarthmore College and Drexel University, where she earned her B.S. and M.S. in Computer Engineering along with a Mathematics minor.