Windows and Linux Exploitation

Agenda:

In this hands-on two day workshop, the participants will learn about the fundamentals of low level software exploitation on modern Linux and Windows systems. Participants will get an introduction into the x86 architecture in general and the characteristics of both operating systems. After initial exercises involving the exploitation of classic stack based buffer overflows, modern defense mechanism such as DEP and ASLR are presented and analyzed for weaknesses. The participants will learn how these defense mechanisms can be bypassed and will develop exploits targeting real world applications.

This is an exercise heavy course, attendees should be prepared to spend a lot of time inside a debugger, calculating memory addresses and watching their exploits crash.

Who should attend?

IT Security professionals that are interested to learn more about low-level security and want to understand the meaning of SEH,ROP,ASLR,GS,NX and DEP. Basic experience with a scripting language such as Python or Ruby is recommended.

Hardware Requirements:

A laptop computer capable of running a Windows 7 and Ubuntu VM. >4GB of memory and at least 40GB of free disk space.

About the Speakers