Abstract:
In this class we will start with introductory exploit development for Windows and Linux platforms. In class you will gain hands-on experience finding vulnerabilities, writing working exploits from scratch, and porting public exploit code to meet your needs. We will start with the basics of stack-based buffer overflows, including saved return pointer and structured exception handler overwrites. We will look at dealing with space issues for shellcode, such as egghunting and relative jumps. Then we will move on to bypassing more advanced anti-exploitation measures such as stack cookies, ASLR, DEP, etc. In addition to writing exploits from scratch, we will look at public exploit code and porting it to fit our environment’s needs. We will also look at writing Metasploit modules and porting our exploits into Metasploit. Hands-on labs for both Windows and Linux will be covered, exploiting real vulnerable programs. No previous programming or exploitation experience is required. Exploit skeletons will be provided for each exercise, allowing students to focus on the attack string rather than programming syntax.
Module 1: Stack Based Buffer Overflow Basics
Module 2: Structured Exception Handler Overwrites
Module 4: Porting Public Exploit Code
Module 5: Writing Metasploit Modules
Module 6: Space Issues: Relative Jumps
Module 7: Space Issues: Shellcode Splitting
Module 8: Space Issues: Egghunter
Module 10: Bypassing Data Execution Prevention