
PHOTOS / VIDEOS

Official conference photos and HD videos will be made available in the next 2-3 weeks. Please follow @hitbsecconf on Twitter for links or join our Facebook Group.

TECH TRAINING 4 – THE EXPLOIT LABORATORY: ADVANCED EDITION

TRAINER: Saumil Shah (Founder, Net-Square) and SK Chong (Security Consultant, SCAN Associates Bhd)

CAPACITY: CLASS CANCELLED

SEATS LEFT: CLASS CANCELLED

DURATION: 3 days (21st, 22nd & 23rd May 2012)

COST (per pax): EUR2298 (early bird) / EUR2698 (non early-bird)

 

OVERVIEW

The Exploit Laboratory Advanced Edition is a new class specially designed for a 3-day format. It is an intermediate to advanced level class for those curious to dig deeper into the art and craft of software exploitation. The Advanced Edition begins with a quick overview of stack overflows, exception handler abuse, heap overflows, memory overwrites, and other core concepts. The class then moves on to use-after-free bugs and vtable overwrites, especially applicable to browser and PDF exploits. The class also spends a lot of time on defeating modern-day exploit mitigation techniques like DEP and ASLR using Return Oriented Programming (ROP).

The Exploit Laboratory Advanced Edition requires a lot of hands-on work. Lab examples used in this class cover Linux and Microsoft Windows platforms, featuring popular third-party applications and products instead of simulated lab exercises.

As with the popular Exploit Laboratory, all topics are delivered in a down-to-earth, learn-by-example methodology. The same trainers who brought you The Exploit Laboratory for over five years have been working hard to put together advanced material based on past feedback.

KEY LEARNING OBJECTIVES

* Stack Overflows (Linux and Windows)
* Heap Overflows (Linux and Windows)
* Abusing Structured Exception Handlers on Windows
* Abusing Vectored Exception Handlers on Windows
* Use-after-free bugs and vtable overwrites
* Browser Exploits
* PDF Exploits
* Exploits on Mac OS X
* Defeating DEP using Ret2LibC
* Introduction to Return Oriented Programming
* ROP gadgets and stack flips
* ROP shellcode loaders
* Practical ROP Exploits
* Bypassing ASLR on Windows 7
* Advanced Heap Spray techniques

WHO IS THIS CLASS FOR?

* Pen-testers, Security analysts, Security auditors, who want to take their skills to the next level and write their own exploits instead of borrowing them.
* Developers and Project managers, who want to understand what can happen to poorly written code.
* Members of internal product security groups, who want to pen-test custom binaries and exploit custom built applications.
* System administrators, who want to follow a more “pro-active” approach in enforcing security measures.
* Just about anyone curious about vulnerabilities and exploits.

PREREQUISITES

* Have a working knowledge of operating systems, Win32 and Unix.
* Not be allergic to command line tools.
* Use vi/pico/joe editors.
* Have a working knowledge of shell scripts, cmd scripts or Perl.
* Understanding of C programming would be a bonus.

WHAT TO BRING / HARDWARE REQUIREMENTS

* A working laptop (no Netbooks)
* Intel Core 2 Duo x86/x64 hardware (or superior) required
* 2GB RAM required, at a minimum, 4GB preferred, and anywhere in between shall be tolerated
* Wireless network card
* 20 GB free Hard disk space

SOFTWARE REQUIREMENTS

* Windows XP SP3 / Windows 7 / Linux kernel 2.4 or 2.6 / Mac OS X 10.5 or 10.6 (Intel only)
* VMware Player / VMware Workstation / VMware Fusion MANDATORY
* Administrator / root access MANDATORY
* Ability to disable Anti-virus software on your laptop
* Ability to disable Host firewall
* Perl 5.8
* An SSH client, such as PuTTY
* Netcat

NOTE: If your laptop is a locked-down, company-issued laptop, please make sure you have VMware Workstation or VMware Player installed by your administrator before you come to class.

THE EXPLOIT LAB BLOG: http://blog.exploitlab.net/
OUR TWITTER STREAM: @exploitlab

ABOUT THE TRAINERS

Saumil Shah (Founder, Net-Square)

Saumil continues to lead the efforts in e-commerce security research and product development at Net-Square. His focus is on researching vulnerabilities with various e-commerce and web-based application systems, system architecture for Net-Square’s tools and products, and developing short-term training programmes. Saumil also provides information security consulting services to Net-Square clients, specializing in ethical hacking and security architecture. He holds a designation of Certified Information Systems Security Professional. Saumil has had more than nine years’ experience with system administration, network architecture, integrating heterogeneous platforms, and information security, and has performed numerous ethical hacking exercises for many significant companies in the IT area. Saumil is a regular speaker and trainer at security conferences such as BlackHat, RSA, etc.

Previously, Saumil was the Director of Indian operations for Foundstone Inc, where he was instrumental in developing their web application security assessment methodology and the web assessment component of FoundScan – Foundstone’s Managed Security Services software, and was instrumental in pioneering Foundstone’s Ultimate Web Hacking training class.

Prior to joining Foundstone, Saumil was a senior consultant with Ernst & Young, where he was responsible for the company’s ethical hacking and security architecture solutions. Saumil has also worked at the Indian Institute of Management, Ahmedabad, as a research assistant and is currently a visiting faculty member there.

Saumil graduated from Purdue University with a master’s degree in computer science and a strong research background in operating systems, networking, information security, and cryptography. At Purdue, he was a research assistant in the COAST (Computer Operations, Audit and Security Technology) laboratory. He got his undergraduate degree in computer engineering from Gujarat University, India. Saumil is a co-author of “Web Hacking: Attacks and Defense” (Addison Wesley, 2002) and is the author of “The Anti-Virus Book” (Tata McGraw-Hill, 1996).

SK Chong (Security Consultant, SCAN Associates Bhd.)

S.K. (CISSP) is a security consultant from SCAN Associates. His job allows him to play with all kinds of hacking tools in his penetration testing. Most often, he needs to modify and/or enhance these tools before they can be used for legal penetration testing against banks, ISPs and government agencies. These experiences helped him write a few security whitepapers on SQL Injection, Buffer Overflow, Shellcode and Windows Kernel stuff, including one published in Phrack E-zine #62. His research was presented at Blackhat (Singapore) 2003, HITBSecConf2003 – Malaysia, RuxC0n2004 (Australia), XCon2004 (China) and many other security conferences.

Okura Hotel Amsterdam
Ferdinand Bolstraat 333, 1072 LH Amsterdam,
The Netherlands

1-Day Intensive Training Sessions – 21st of May / 0900 – 1800

 

SPECIAL OPS 1 – WIRELESS SECURITY KUNGF00

SPECIAL OPS 2 – THE ART OF EXPLOITING SQL INJECTION FLAWS

SPECIAL OPS 3 – MOBILE APPLICATION HACKING – ATTACK & DEFENSE

2-Day Hands on Training Sessions – 22nd – 23rd of May / 0900 – 1800

TECH TRAINING 1 – HUNTING WEB ATTACKERS

TECH TRAINING 2 – ADVANCED LINUX EXPLOITATION METHODS

TECH TRAINING 3 – ADVANCED APPLICATION HACKING – ATTACKS, EXPLOITS & DEFENSE

 

 



3-Day Hands on Training Sessions – 21st, 22nd & 23rd of May / 0900 – 1800

TECH TRAINING 4 – THE EXPLOIT LABORATORY: ADVANCED EDITION




QUAD TRACK CONFERENCE – 24th & 25th of May / 0900 – 1800

Featuring keynotes by BRUCE SCHNEIER and ANDY ELLIS




Copyright © 2012 Hack In The Box | http://www.hackinthebox.org
