SANS SEC 710: Advanced Exploit Development (2011) [eBook (PDF)]
English | Size: 137.76 MB
SANS SEC710 is an advanced two-day course on exploit development. Students attending this course should know their way around a debugger and have prior experience exploiting basic stack overflows on both Windows and Linux. Terms such as "jmp esp" and "pop/pop/ret" should be nothing new to you. We will move beyond these attack techniques to explore more advanced topics on heap exploitation, format string attacks, and Microsoft patch reversal and exploitation. We will be taking a real Microsoft security patch, reversing it to model the discovery of an undisclosed vulnerability, and developing a client-side exploit that defeats controls such as Address Space Layout Randomization (ASLR).
Attendees can apply the skills developed in this class to create and customize exploits for penetration tests of homegrown software applications and newly discovered flaws in widespread commercial software. Understanding the process of exploit development can help enterprises analyze their actual business risks better than the ambiguous hypotheticals we often contend with in most traditional vulnerability assessments.
DAY 1 Topics
Abusing the unlink macro on the Linux OS
Overwriting C and C++ function pointers
Identifying format string vulnerabilities
Leaking memory and taking control of a process via a format string exploit
Advanced Stack Smashing
Heap Overflows on the Linux OS
DAY 2 Topics
Using IDA Pro to reverse engineer Microsoft patches
Using the BinDiff and patchdiff2 tools to identify code changes
Improve Microsoft stack and heap exploitation skills
Vulnerability discovery in less obvious places
Understand and develop client-side exploits
Heap spraying and defeating MS ASLR