[Noisebridge-discuss] Interested in Reverse Engineering or Vulnerability Research?
Daniel C. Silverstein
cubes at ghosthacked.net
Tue Jun 23 01:30:43 UTC 2009
I'd be up for this if time allows.
(Dan)
On Jun 22, 2009, at 6:06 PM, unmarshal at gmail.com wrote:
> Hi All,
>
> I'm a bit rusty, but I am looking for a reason to jump back in to the
> above mentioned topics. Would anyone be interested in attending a
> class about reverse engineering software on intel processors and/or
> identifying vulnerabilities in C code and exploitation techniques? I
> spent a lot of time in the hacking scene and the computer security
> industry doing these things and burned out and left it for full time
> programming about 2 years ago. I would have no problem teaching an
> introductory class on these topics. I will admit, I'm not super hip
> on the latest in protection techniques that guard against these
> attacks, but I could teach the fundamentals while getting up to speed
> on circumventing the protection techniques.
>
> Vulnerability Research:
> * Basic stack-based buffer overflow identification and exploitation
> * Format string vulnerabilities
> * Integer overflow and signedness bugs
> * Heap corruption vulnerabilities (dlmalloc style)
> * Discussion of protections and getting around them..
>
> The reverse engineering bit can be included in a class like this as we
> dive into the assembly code to identify these problems and debug the
> process while we attempt to exploit them.
>
> Let me know if anyone is interested. I don't really know the protocol
> at NB for proposing this type of thing... I'm new in general. It
> seems like there isn't really any open time slots, so that will need
> to be discussed.
>
> Let me know,
> Marshall
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
More information about the Noisebridge-discuss
mailing list