[Noisebridge-discuss] Interested in Reverse Engineering or Vulnerability Research?
unmarshal at gmail.com
unmarshal at gmail.com
Tue Jun 23 01:06:39 UTC 2009
Hi All,
I'm a bit rusty, but I am looking for a reason to jump back in to the
above mentioned topics. Would anyone be interested in attending a
class about reverse engineering software on intel processors and/or
identifying vulnerabilities in C code and exploitation techniques? I
spent a lot of time in the hacking scene and the computer security
industry doing these things and burned out and left it for full time
programming about 2 years ago. I would have no problem teaching an
introductory class on these topics. I will admit, I'm not super hip
on the latest in protection techniques that guard against these
attacks, but I could teach the fundamentals while getting up to speed
on circumventing the protection techniques.
Vulnerability Research:
* Basic stack-based buffer overflow identification and exploitation
* Format string vulnerabilities
* Integer overflow and signedness bugs
* Heap corruption vulnerabilities (dlmalloc style)
* Discussion of protections and getting around them..
The reverse engineering bit can be included in a class like this as we
dive into the assembly code to identify these problems and debug the
process while we attempt to exploit them.
Let me know if anyone is interested. I don't really know the protocol
at NB for proposing this type of thing... I'm new in general. It
seems like there isn't really any open time slots, so that will need
to be discussed.
Let me know,
Marshall
More information about the Noisebridge-discuss
mailing list