Exploit Reverse Engineering

If you know the enemy and know yourself, you need not fear the result of hundred battles Sun Tzu, Art of War

Course Title:  Exploit Reverse Engineering

Who can attend: Software engineers, System administrators, Programmers, and anyone interested in the field of Security and Hacking.

Requirements:
  - Intermediate Programming skills
  - Some background on assembly language (x86)

Duration: 4 days (Weekend)

Dates*: February 7-10, 2018

Location: Information and Computer Science Department, KFUPM, Al-Dhahran, Saudi Arabia.

Instructor: Dr. Sami Zhioua

Course Fees: 4000SAR (Special fees available for KFUPM students and staff)

Registration: Department of Continuing Education, Building 54, Room 107.

For Course details: zhioua@kfupm.edu.sa 

 

* If you are a group and you are interested to take the course in a  different date, you can contact the instructor for arrangement.

Announcement Poster

Exploit Reverse Engineering:

An exploit is an advanced piece of software allowing an attacker to gain full control over a target (victim) system. Typically, exploits take advantage of weaknesses and vulnerabilities in commonly used software such as Operating Systems and Web Browsers. Writing a working exploit (also known as 0-day) involves a very long and difficult process and requires very advanced skills. Most of large-scale cyber attacks involve, at some stage, the use of an exploit. Therefore, understanding how these exploits work is an essential ingredient to design deeply secure solutions and mitigations.

Exploit Reverse Engineering" course studies the techniques used by exploit developers and aims at providing security experts with the necessary knowledge to mitigate such advanced attacks. The techniques include stack overflow, EIP overwrite, SEH overwrite, shellcoding, egg-hunting, return-oriented-programming (ROP), heap-spraying, etc. The course is highly applied where participants have to practice with all exploit reverse engineering tasks including fuzzing, debugging, memory dumping, etc.

If a hacker wants to get inside your system, he/she will, and there is nothing you can do about it

The only thing you can do is make it harder for him to get in.

 

Short Course Topics     

1. Introduction to exploitation

- Review of x86 Assembly

- Tutorial on Debugging

2- Buffer Overflow

- Memory and Stack Layout

3- EIP Overwrite

- Fuzzing for buffer overflow vulns

- EIP Overwrite reverse engineering

4- SEH Overwrite

- Exception Handling Exploitation

- SEH Overwrite reverse engineering

5- Introduction to Shellcoding

- Basic Shellcoding

- Shellcoding process

6- Egg-hunting

- Multi-stage exploits

- Omelett exploits

7- Return-Oriented-Programming (ROP)

- Using gadgets

- Bypassing DEP

8- Heap-Spraying

- Heap-Spray reverse engineering

9- Mitigation Techniques

- Stack Shield

- SafeSEH

- SEHOP

- Data Execution Prevention (DEP)

- Address Space Layout Randomization (ASLR)

    

 

A Seminar on Hacking by Dr. Sami Zhioua (November 2011):

 

 

 

Sami Zhioua, December 2015