Exploit Development

Intermediate

RT433

Table of Contents

Description

During this course, participants will learn programming languages and Shellcode writing. They will gain knowledge in program structure and execution patterns in order to know how to find vulnerabilities in, and exploit, programs and codes to gain control of target systems and applications.

This course covers how to write shellcodes, programs, and tools, essential skills for advanced penetration testers and software security professionals.

How to make the most of this course?

In order to succeed in the course, the following requirements must be met:

  • Participation in all practical laboratories
  • Self-work at home between lessons
  • Repetition of materials, self-learning, performing tasks, etc…

In addition to regular classroom studies, the participant is required to practice at least 10 hours a week in order to gain practical experience in the field.
A personal computer suitable for running virtual machines, with an Internet connection
Transition of the scenarios in the Cyberium Arena.

Target audience

  • Penetration testers
  • Security professionals and vendors
  • Research teams

Objectives

  • Discovering different levels of vulnerabilities including zero-day vulnerabilities
  • Understanding the methods of attacks
  • Infrastructure and system defense
  • Become familiar with APT and attacks that happened in recent years
  • Understanding modern security mechanisms and how hackers bypass them

Pre-requisites

  • Background in Malware Analysis
  • ThinkCyber Level-2 Courses

Syllabus

Description

In this module, participants will learn a course that will speed up C-language programming capabilities to acquire the necessary skills in writing shellcode.

Technical content

  • C programming fundamentals
    o Variables
    o Input and Output
    o Keywords and Operators
    o Expressions and Statements
    o Control Flow
    o The C Preprocessor
    o Functions
    ▪ Reasons for Using Functions
    ▪ Basic Structure
    ▪ Return Statement
    ▪ Difference between ANSI-C and “Traditional C”
    ▪ Object Storage Classes and Scope
    ▪ Larger Programs
    ▪ Macros
    o Pointers
    ▪ Pointer Definition and Use
    ▪ Pointers as Function Arguments: “Call by Value”
    ▪ Arrays
    ▪ Functions Returning Pointers
    ▪ Multidimensional Arrays
    ▪ Strings
    ▪ Command Line Arguments
    ▪ Pointers to Functions
    o Code Structures
    ▪ Syntax and Operations
    ▪ typedef
    ▪ Array of Structures
    ▪ Use with Functions
    ▪ Linked Lists
    ▪ union
    ▪ enum
    o Using C Libraries
    ▪ Memory Allocation
    ▪ Math Libraries
    ▪ Random Variables
    ▪ Input and Output
    ▪ Strings
    ▪ General Style
    ▪ Layout
    ▪ Naming Conventions

Description

In this module, participants will acquire experience in machine language Assembly to become familiar with Shellcode codes and write one by themselves.

Technical content

  • x86 Processor Architecture
    o Understanding Buses and Data Traffic
    o Syscalls Table
    o Number and Character Representation
    o Basic Assembly x86 Programming
    ▪ Standard Output
    ▪ Registers
    ▪ Variables and Reserves
    ▪ Strings in Assembly
    ▪ Working with Numbers
    ▪ Jumps and Flags

Description

Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. This module will provide an understanding of how Shellcode is built, why it is used, and how to write it using conventional methods and techniques.

Technical content

Background Information
o Processor Registers Structure
o Understanding Upper and Lower Data Block
o Syscalls with Arguments
o Zero Out a Register
o Windows Calling Convention
o Shellcode Tools
▪ Gcc and ld
▪ Nasm
▪ Objdump
o Find the DLL Base Address
o Find the Function Address
o Call the Function
o Write the Shellcode
o Test the Shellcode
o Linux Shellcoding
▪ Loading Addresses
▪ Spawning a Shell
o Windows Shellcoding
▪ Using Sleep Function
▪ Writing Message
▪ Adding an Administrative Account
o Printable Shellcode

Labs

The following labs are part of the actual RT433 course:
  • Lab 1 C Programming
  • Lab 2 C Functions
  • Lab 3 Macros
  • Lab 4 Memory Allocation
  • Lab 5 Assembly
  • Lab 6 Syscall
  • Lab 7 Flags
  • Lab 8 Shellcode Tools
  • Lab 9 Linux Shellcode
  • Lab 10 Working with DLL

Real cases studies

Case study #1 (EDA001)
Skype, a free online service that allows users to communicate by voice, video, and chat, was a cause for a bug that allowed hackers to execute malicious code remotely. This bug was leaked and then discovered by Skype themselves; following this, the bug was mitigated and fixed. A group of hackers managed to replicate this bug in the new version, but all they provided is a POC.
Reference
Case study #2 (EDA002)
A group of international cyber activists managed to abuse a vulnerability in an FTP Server; the company rushed to fix the issue, but after months of going back and forth, they were unable to replicate the steps that the cyber group performed. Following this, the company issued a bug-hunting program, rewarding the first to provide a working POC.
Reference
Previous slide
Next slide
RT433

 Course type

This course is delivered in the following ways:

  • Virtual classroom with proctored labs and scenarios executed in our Cyberium Arena
  • In situe classroom with proctored labs and scenarios executed in our Cyberium Arena

All sessions are recorded and attendees can replay them  during 30 days. All course material is electronically made available to the participant.

 Course Group: FOUNDATION

LEVEL
0%
1
HOURS

 Hands-on / Theory MiX

The following course incorporates a high level of hands-on labs exercises, as well as real life case studies.

1 %
Hands-on
1
Labs
1
Case Studies

Certification

This course prepares the participant to the following certification:

  • SEC760 (SANS)

Required EqUIPMENT

Network connection

As this course extensively uses a cloud based Learning Management System, including a lab arena, attendees need a stable broadband connection to the Internet.

BYOD – Bring Your Own Device

As it is a very practical course, and in order for the participants to make the most of the course, they need a laptop with the following capabilities:

  • Audio and Video
  • 8 GB RAM
  • 200 GB Disk Space
  • Virtualization capabilities ( supporting latest version of Virtualbox or similar virtual machine application)

And also a Good Headset with Mic

More Details

Subscribe