Accelerated Windows Overflows
Accelerated Windows OverflowsFour days of intensive hands on training in vulnerability analysis on the Windows Platform. Requires a basic technical background and familiarity with programming language and operating system concepts.
Equipment and Software Needed
- Laptop or Desktop x86 computer with VMWare
- pyGTK 2.0.0 (compiled from source with threads enabled)
- At least 4 Gigs of Free Hard Drive Space
- At least 512 Megs of Ram (1 Gig is preferred)
Topics that will be covered in this course include:
Day 1: Assembly Language Basics
- x86 Machine Architecture
- Differences between AT&T and Intel Encoding
- Python nuances
- CANVAS exploit structure
- Diagnosis of basic stack overflows
- Construction of stack overflows
- Finding reliable jump-points
- SEH Handling for Fun and Profit
- Using Immunity Debugger for exploit development
- Analyzing exploitation problems
- Basic stack overflow on Windows Walkthrough
- Student-driven stack overflows on Windows
Day 2: Advanced Windows Stack Overflows
- Using Search-shellcode
- Double-returns
- Shellcode Walkthrough and Creation
Day 3: More Advanced Windows Stack Overflows
- Windows Tokens and Permissions
- Stealing sockets
- Advanced Shellcode walkthrough
- DCE-RPC
Day 4: Basic Windows Heap Overflows
- Diagnosis of basic heap overflows
- Construction of Unhandled Exception Pointer overwrites
- Heap overflow shellcode analysis
- Construction of PEB overwrites