hack-night

Week 10 - Exploitation \\ Part 1

In this week's session, we will go over some advanced concepts related to computer security. Dino Dai Zovi will go over various memory errors that an application can cause often leading to catastrophic results. Topics that will be covered are various memory errors like buffer overflows, uninitialized variables, use after free etc. and how we can use them to take control of an application. We will also look at exploitation mitigation that your current OS implements, it's not 1988 anymore. Finally, we will look at some techniques used to bypass modern mitigations.

Lecture Materials

  1. Memory Corruption 101 [slides]

Workshop Materials

  1. Vulnerable Application

Resources

  1. Exploitation
  2. VMWare Player
  3. Linux Machine (preferably, Ubuntu)
  4. IDA Demo
  5. Windbg