Hacking: Binary Exploitation

Buffer overflows and their consequences

The challenge: New attack scenarios as part of growing connectivity

More and more devices and systems can now be reached through the Internet and other networks, exposing them to direct attacks. This creates challenges for many companies to appropriately secure their systems and protect themselves against possible hacker attacks. Despite the protection mechanisms currently available (e.g. non-executable storage regions, ran-domization of addresses or stack cookies inserted by the compiler), weaknesses in applications are still being successfully exploited. This poses the question of how these protection mechanisms can be circumvented by the attackers.

The solution: Understanding and predicting binary exploitation from the viewpoint of hackers

As part of this seminar, participants will discover the approaches used by hackers in order to be better prepared for such attacks. The main focus of this seminar is the field of binary exploitation: for example, how programming errors in C code can be exploited to inject and execute external code. As part of this, the question of how effective the system and compiler protection mechanisms are, and how and in what circumstances attackers can circumvent such protection, is answered.

How you can benefit: at a glance#

After the seminar, you will be able to...

... understand the actions of a hacker and develop exploits to expose their weaknesses.
... understand typical programming errors in C code, and the limitations of protection mechanisms.
... assess the applicability of protection mechanisms for your own development.

 

This seminar will provide you with...

... a profound overview of select techniques of binary exploitation.
… knowledge of practical implementation methods for circumventing protection mechanisms and developing your own exploits.

Information Overview#

#

Duration 3 days in class
Learning objectives – Identification of typical programming errors in the C language
– Recognition of the limits of the protection mechanisms available
– Profound knowledge of storage device architectures
– Learning methods for circumventing protection mechanisms
– Development of exploits for using weaknesses in applications
Target group Developers, testers, operators and users who would like to learn the approaches used by hackers to improve the security of their systems with this knowledge
Requirements

Linux basics: Routine operations with the Bourne-Again Shell (BASH) and the GNU Debugger (GDB)

Programming knowledge: Fluent reading and understanding of code in C, programming experience in C or Python

Assembler: Reading and understanding of x86_64 assembler, programming in assembler is not required

Organized by Fraunhofer AISEC
Cost € 1.800

Download our flyer for more information.

#

– Basics of buffer overflow, debugging, disassembler

– Practical training: Debugging and reverse engineering

– Introduction to stacks

– Practical training: First exploit without protective measures

– Protective measures through compilers

– Practical training: Exploit with compiler protective measures

– Protective measures through the system

– Practical training: Exploit with system protective measures

– Introduction to heaps

– Practical training: Exploit without protective measures

– Practical training: Exploit with protective measures (optional)

#

Tilo Fischer:

Research specialist for safe sensor systems at Fraunhofer AISEC