MIT: Independent Activities Period: IAP

IAP 2017

Reverse Engineering for Exploitation

Devin Neal

Enrollment: Limited: First come, first served (no advance sign-up)
Limited to 30 participants
Attendance: Participants must attend all sessions
Prereq: Familiarity with Linux

A week long course that will cover the inner workings of Linux binaries for the purpose of both understanding and exploitation. The course will include concepts such as ELF binary format, hex editors, debuggers, memory corruption, shellcoding, and return-oritented programming. Each class will have both a lecture component to go over new material and a hands-on component to put the new information to use. The only prerequisite is previous experience with Linux and Python. Previous experience with C, while not necessary, will be very helpful.

Contact: Devin Neal, DEVNEAL@MIT.EDU

Language of Binaries

Jan/09 Mon 01:00PM-04:00PM 32-141, Bring your laptop

Covering the format of ELF binaries and the process by which they are created and executed.

Devin Neal

Reversing and Cracking

Jan/10 Tue 01:00PM-04:00PM 32-141, Bring your laptop

Static analysis of binaries for the purposes of understanding and modification.

Devin Neal

Exploitation I

Jan/11 Wed 01:00PM-04:00PM 32-141, Bring your laptop

This session will cover memory corruption, buffer overflows, and control hijacking.

Devin Neal

Exploitation II

Jan/12 Thu 01:00PM-04:00PM 32-141, Bring your laptop

This session will cover heap overflows, shellcoding, and DEP/ROP.

Devin Neal

Continuing in Reversing

Jan/13 Fri 01:00PM-04:00PM 32-141, Bring your laptop

Here we'll cover the implications of what we've learned to real-world software and possibly hold a competition to use the concepts learned in the previous sessions.

Devin Neal