SANS SEC 710: Advanced Exploit Development (2011) [eBook (PDF)]
English | Size: 137.76 MB
SANS SEC710 is an advanced two-day course on exploit development. Students attending this course should know their way around a debugger and have prior experience exploiting basic stack overflows on both Windows and Linux. Terms such as "jmp esp" and "pop/pop/ret" should be nothing new to you. We will move beyond these attack techniques to explore more advanced topics in heap exploitation, format string attacks, and Microsoft patch reversal and exploitation. We will take a real Microsoft security patch, reverse it to model the discovery of an undisclosed vulnerability, and develop a client-side exploit that defeats controls such as Address Space Layout Randomization (ASLR).
Attendees can apply the skills developed in this class to create and customize exploits for penetration tests of homegrown software applications and of newly discovered flaws in widespread commercial software. Understanding the process of exploit development helps enterprises analyze their actual business risk better than the ambiguous hypotheticals we often contend with in traditional vulnerability assessments.
DAY 1 Topics
Abusing the unlink() macro on the Linux OS
Overwriting C and C++ function pointers
Identifying format string vulnerabilities
Leaking memory and taking control of a process via a format string exploit
Advanced Stack Smashing
Heap Overflows on the Linux OS
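The two format string items above rest on one fact: when attacker data is passed as the format itself (snprintf(buf, n, user) rather than snprintf(buf, n, "%s", user)), every conversion the attacker writes consumes one variadic argument the caller never supplied, so "%x%x%x" reads and prints stack or register contents, and "%n" turns that read primitive into a write. The following C block is an added example, not course material from SANS or SEC710: a small audit helper that walks a format string, counts argument-consuming conversions, and flags "%n" and positional "%N$" directives, beside the correct constant-format logging pattern. The inputs in main() are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not from the course: audit a runtime-built format string. */
struct fmt_report {
    int conversions;   /* directives that consume a variadic argument */
    int writes;        /* %n directives: the memory-write primitive */
    int positional;    /* %N$ direct parameter access, used to pick a slot */
};

/* Walk fmt once, tolerating flags, width, precision and length modifiers. */
struct fmt_report parse_format(const char *fmt)
{
    struct fmt_report r = {0, 0, 0};
    const char *p = fmt;
    while ((p = strchr(p, '%')) != NULL) {
        p++;
        if (*p == '%') { p++; continue; }              /* literal percent */
        const char *q = p;                             /* optional N$ prefix */
        while (*q >= '0' && *q <= '9') q++;
        if (q > p && *q == '$') { r.positional++; p = q + 1; }
        while (*p && strchr("-+ #0", *p)) p++;         /* flags */
        while (*p == '*' || (*p >= '0' && *p <= '9')) { /* width; '*' eats an arg */
            if (*p == '*') r.conversions++;
            p++;
        }
        if (*p == '.') {                               /* precision; '*' eats an arg */
            p++;
            while (*p == '*' || (*p >= '0' && *p <= '9')) {
                if (*p == '*') r.conversions++;
                p++;
            }
        }
        while (*p && strchr("hlLqjzt", *p)) p++;       /* length modifiers */
        if (*p == '\0') break;                         /* truncated directive */
        if (*p == 'n') r.writes++;
        r.conversions++;
        p++;
    }
    return r;
}

/* 1 when fmt may be passed with exactly nargs trailing arguments, else 0. */
int format_is_safe(const char *fmt, int nargs)
{
    struct fmt_report r = parse_format(fmt);
    return r.writes == 0 && r.positional == 0 && r.conversions <= nargs;
}

/* The correct pattern: user data is an argument to a constant format, never the format. */
const char *log_safe(const char *user)
{
    static char line[64];
    snprintf(line, sizeof line, "%s", user);
    return line;
}

int main(void)
{
    /* Constructed attacker inputs: a stack-read probe, a positional write, and a benign string. */
    const char *samples[] = { "%08x.%08x.%08x.%08x", "AAAA%7$n", "100%% done", "%s" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct fmt_report r = parse_format(samples[i]);
        printf("%-22s conversions=%d writes=%d positional=%d safe_with_1_arg=%d\n",
               samples[i], r.conversions, r.writes, r.positional,
               format_is_safe(samples[i], 1));
    }
    printf("logged literally: %s\n", log_safe("%08x.%08x"));
    return 0;
}
```

In an audit, format_is_safe() is the check to apply wherever a format string is assembled from data at runtime; the cleaner fix is to make the format a compile-time constant as log_safe() does, which also lets the compiler's -Wformat-security warning catch regressions.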
DAY 2 Topics
Using IDA Pro to reverse engineer Microsoft patches
Using the BinDiff and patchdiff2 tools to identify code changes
Improving Microsoft Windows stack and heap exploitation skills
Vulnerability discovery in less obvious places
Understand and develop client-side exploits
Heap spraying and defeating MS ASLR