3-DAY TRAINING 4 – WebAssembly Security from Reversing to Vulnerability Research

DURATION: 3 DAYS

CAPACITY: 20 pax

SEATS AVAILABLE: 20


EUR2599 (early bird)

EUR3199 (normal)

Early bird registration rate ends on the 31st of January


Overview

WebAssembly (WASM) is a new binary format currently developed and supported by all major web-browsers including Firefox, Chrome, Webkit/Safari and Microsoft Edge. This new format have been designed to be “Efficient and fast“, “Debuggable“ and “Safe” that why it is often called as the “game changer for the web”.

WebAssembly start to be used on various area (not exhaustive):
-Web-browsers (Desktop & Mobile)
-Servers/Website (Nodejs, React, Qt, Electron, Cloudflare workers)
-Video games (Unity, UE4)
-Blockchain platforms (EOS, Ethereum, Dfinity)
-Cryptojacking (Coinhive, Cryptoloot)
-Linux Kernel (Cervus, Nebulet) Etc.

This courses will give you all the prerequisites to understand deeply what’s a WebAssembly module and how work the runtime virtual machine. You will learn how to reverse (statically & dynamically) a WebAssembly module, analyze its behavior, create specific detection rule and search for vulnerability inside. You will discover which security measures are implemented by the WebAssembly VM to validate and handle exceptions. Finally, you will search for vulnerabilities inside WebAssembly VMs (web-browsers, standalone VM) using differents fuzzing techniques (mutation & generation based).

Along this training, students will deal with a lots of hands-on exercises and real-life module allowing them to internalize concepts and techniques taught in class. Hope you will like it !!

Who Should Attend

This class is intended for everyone that want to understand deeper how WebAssembly works such as:

  • Pentester.
  • Vulnerability researchers.
  • Malware analysts.
  • Blockchain smart contract auditors.
  • Developers.

Prerequisite Knowledge

  • Familiarity with scripting languages (Python, Bash).
  • Familiarity with C/C++ or Rust programming.
  • Skill Level: Beginner/Intermediate

Hardware / Software Requirements

  • A notebook capable of running virtual machines.
  • Enough hard disk space to run one VM
  • Virtual machine (VirtualBox preferred)
  • Administrator / root access required.
  • IDA helpful, but not required

Agenda – Day 1: WebAssembly Reversing

  • Introduction to WebAssembly
  • WebAssembly VM architecture & toolchains
  • Writing examples in C/C++/Rust
  • WASM binary format (header, sections, …)
  • WASM Text Format (wat/wast)
  • Reversing WebAssembly module
  • CFG & CallGraph reconstruction
  • DataFlowGraph analysis
  • WebAssembly cryptominers analysis
  • Wasm pattern detection signatures (YARA rules, …)

Agenda – Day 2: Dynamic analysis

  • Debugging WebAssembly module
  • Taint Tracking & Dynamic Binary Instrumentation (DBI)
  • Bytecode (De)-Obfuscation techniques
  • Decompilation & Static Single Assignment (SSA)
  • Real-life Wasm module analysis
  • Traps & Exception handling
  • WebAssembly module validation mechanism
  • Lifting Wasm bytecode

Agenda – Day 3: Vulnerability Research (Module & VM)

  • Basic WebAssembly module vulnerabilities (Integer/Buffer/Heap Overflows)
  • Advanced vulnerabilities (UaF, TOCTOU, CFI Hijacking, …)
  • Emscripten vulnerabilities & NodeJS app exploitation
  • Fuzzing WebAssembly modules
  • Web-Browsers vulnerabilities analysis (CVEs PoC)
  • Fuzzing Web-Browsers (Chrome, Firefox, WebKit)
  • Wat, Wast & Wasm grammar generation
  • Fuzzing C/C++/Rust/Go based Wasm projects

TRAININGS
Location: Training Rooms Date: April 20, 2020 Time: 9:00 am - 6:00 pm Patrick Ventuzelo