HITBSecConf2011 – Malaysia » TT3 – Advanced Linux Exploitation Methods



TT3 – Advanced Linux Exploitation Methods

Trainer: Jonathan Brossard (CEO, Toucan Systems)
Capacity: 15 pax
Seats Left: 4
Duration: 2 days
Cost: (per pax) MYR3999 (early bird) / MYR4999 (non early-bird)


Overview

The course will take the form of a wargame, a popular exercise among security specialists. It covers the latest exploitation techniques, including ret2libc, ROP, heap spraying and stack canary brute-forcing, to exploit both memory corruption and non-memory-corruption bugs. In a nutshell, the game consists of several challenges that trainees must pass to access the next level.

The target is an Ubuntu server equipped with the latest security features (an SSP-capable compiler, stack canaries, randomization (ASLR), non-executable segments and a security-enhanced libc, among others). This is representative of the state of the art in computer security. At each level, trainees will have to discover vulnerabilities in applications, write code to exploit them, and finally submit a patch to fix each vulnerability in order to gain access to the next level. This approach is both very practical and adaptive to the level of each trainee.

The wargame is very progressive and covers most of the vulnerability classes affecting modern software. Exploitation & defence mechanisms will be explained in detail and solutions will be given to all the levels of the wargame. Stack overflows, heap overflows (using heap spraying), missing format strings, file descriptor leakage and incorrect security permissions will be covered amongst others.

Attack vectors and defence mechanisms of modern operating systems will be demonstrated through practical examples. The tools and methodologies to discover, prove and fix vulnerabilities will be released to the trainees along with the wargame, which will give trainees the knowledge to discover and properly fix vulnerabilities in actual software. Reverse Engineering, binary refactoring and debugging will also be covered extensively.

About Jonathan Brossard

Jonathan is a security research engineer holding an Engineering degree and a Master's in Artificial Intelligence. Born in France, he has lived in Brazil and India and currently works in Australia. With about 15 years of assembly practice, he specialises in low-level security, from raw sockets to cryptography and memory corruption bugs.

He has been credited with the discovery of complex vulnerabilities in cryptographic software (e.g. Microsoft Bitlocker, Truecrypt, and most BIOS software on the market, most notably that of HP, Intel and Toshiba), mainstream software (Opera web browser, Adobe Reader, top-tier antivirus software) and virtualization software. He is currently working as Senior Security Consultant and CEO at the Toucan System security company (http://www.toucan-system.com). His clients include some of the biggest defense and financial institutions worldwide.

Jonathan is also the co-organiser of the Hackito Ergo Sum conference (HES2011) in France. He has been a speaker at a number of great international conferences including Blackhat, Defcon, HITB (Amsterdam & Kuala Lumpur), Ruxcon (Australia) and Hackito Ergo Sum (France), and is a recurrent speaker at H2HC (Brazil & Mexico).