EXPLOIT DEVELOPMENT LEVEL II

In this one-day class we will study exploit development for Windows, picking up where Introduction to Exploit Development left off. In class you will gain hands-on experience finding vulnerabilities, writing working exploits from scratch, and porting public exploit code to meet your needs. Building on the stack-based buffer overflows and SEH overwrites covered in the introductory class, we will look at more advanced techniques: dealing with a lack of space for shellcode, using egghunters, bypassing ASLR, and bypassing DEP. We will take public exploit code and port it to fit our environment's needs. We will also look at writing Metasploit modules and turning our own exploits into Metasploit modules. Hands-on labs will be covered in class, and additional exploitable programs will be included for practice after class. No programming experience is required: we will begin with exploit skeletons in Python and focus our efforts on creating working exploit strings.

When: TBA

Where: Online! The class will be held using GoToMeeting. There is a free client download for Windows and Mac. Like most useful things, it isn't supported on Linux, unfortunately. You will be able to see me, hear me, and see my screen as I demonstrate the hands-on material.

HOW IT WORKS

A week before the class I will upload two victim virtual machines for students to download. These will be compressed to make the download as small as possible, but you can still expect about 500MB-1GB total, so if you have a slow connection you might not want to wait until the night before. You will host these victims and a Kali Linux attack virtual machine on your own machine using VMware or VirtualBox. You will be able to follow along with everything covered in class on your virtual machines, and there will be independent exercises during the course that use them. You will also receive a meeting invite to join the live portion of the class. On the day of the class you chose to attend, log in to the GoToWebinar session.

Student Requirements:

  • Kali Linux VM (the successor to BackTrack). It can be downloaded here: http://www.backtrack-linux.org
  • About 10 GB of free space for the victim virtual machines that will be provided by the instructor
  • VMware or VirtualBox (free and/or trial versions are available)

WHAT YOU GET

  • One full day of online instruction
  • Fully configured victim virtual machine downloads (Windows trial installs) for use in the class
  • Additional exploitable binaries will be included on the virtual machines for practicing the skills covered after class
  • Access to the instructor to answer questions about the material during and after the course
  • Slides, exploit skeletons, & other course material

Topics covered:

  • Using Jumps to Deal with Space Issues
  • Egghunters
  • Bypassing Windows ASLR
  • Bypassing DEP

Be sure to enter your correct email address when you purchase the class. That is the email I will use to communicate class details to you. I will contact you within 24 hours of your sign-up to confirm your registration. One week before the class you will receive the meeting and virtual machine information. If you do not receive these messages, check your spam folder.