[Noisebridge-discuss] Interested in Reverse Engineering or Vulnerability Research?

Daniel C. Silverstein cubes at ghosthacked.net
Tue Jun 23 01:30:43 UTC 2009


I'd be up for this if time allows.

				(Dan)

On Jun 22, 2009, at 6:06 PM, unmarshal at gmail.com wrote:

> Hi All,
>
> I'm a bit rusty, but I am looking for a reason to jump back in to the
> above mentioned topics.  Would anyone be interested in attending a
> class about reverse engineering software on intel processors and/or
> identifying vulnerabilities in C code and exploitation techniques? I
> spent a lot of time in the hacking scene and the computer security
> industry doing these things and burned out and left it for full time
> programming about 2 years ago.  I would have no problem teaching an
> introductory class on these topics.  I will admit, I'm not super hip
> on the latest in protection techniques that guard against these
> attacks, but I could teach the fundamentals while getting up to speed
> on circumventing the protection techniques.
>
> Vulnerability Research:
>  * Basic stack-based buffer overflow identification and exploitation
>  * Format string vulnerabilities
>  * Integer overflow and signedness bugs
>  * Heap corruption vulnerabilities (dlmalloc style)
>  * Discussion of protections and getting around them..
>
> The reverse engineering bit can be included in a class like this as we
> dive into the assembly code to identify these problems and debug the
> process while we attempt to exploit them.
>
> Let me know if anyone is interested.  I don't really know the protocol
> at NB for proposing this type of thing... I'm new in general.  It
> seems like there isn't really any open time slots, so that will need
> to be discussed.
>
> Let me know,
> Marshall
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss




More information about the Noisebridge-discuss mailing list