Abstract
This four-day training will teach students without prior experience how to develop exploits for modern binary software, taking them from 1990s style buffer overflows through contemporary exploitation in programs protected by stack canaries, NX, RELRO, and ASLR. The training will focus on exploiting Linux user mode x86/x64 binaries, but the lessons learned from the class are widely applicable to other platforms and architectures. Students will learn to reason about the fundamental structures that give rise to software vulnerabilities, underlie various exploitation techniques, and drive mitigation development.
The course is primarily hands-on-keyboard exercises rather than lecturing, but will introduce diagrams and theory as needed. The entire class will regularly sync up as a group to discuss concepts, problems, and solutions.
Course Topics
- Fundamentals
- Program structure
- Disassembly and Debugging
- x86/x64 refresher
- Basic bug classes
- Hijacking control flow
- Stack overflows
- Classic Exploitation
- Shellcoding
- Corrupting function pointers
- Arithmetic and integer errors
- Heap overflows
- Linux syscall interface
- Overcoming Exploit Mitigations
- Stack canaries
- ASLR
- DEP/NX
- Ret2libc
- Intro to ROP
- Putting It All Together
- Combining primitives
- Reasoning about mitigations and bypasses
- Exploitation on other platforms and architectures
- Continuity of execution
- Weird machines
Prerequisites
Students are expected to have experience programming in C or C++, and basic knowledge of the Linux command line. Prior experience with reverse-engineering is nice to have, but not required.
System Requirements
Computer capable of running a virtual machine. Recommended minimum 8GB RAM with quad-core processor. VMWare or VirtualBox to run a Linux VM (all exercises will be in the Linux VM)