[Noisebridge-discuss] Interested in Reverse Engineering or Vulnerability Research?

Micah Lee micahflee at gmail.com
Thu Jun 25 04:12:57 UTC 2009 

This looks awesome, I'm into it.

On Mon, Jun 22, 2009 at 8:38 PM, <unmarshal at gmail.com> wrote:

> So I'm thinking there will definitely be an online component, There will
> definitely be slides, a mailing list, a common machine for everyone to log
> into to work on. The reason we will use a common machine is so I can control
> the libraries and compiler so we are all on equal footing, using the same
> offsets and memory addresses. There will be homework and misc challenges to
> reverse engineer and/or hack binaries I put up that exercise specific
> knowledge from the lesson. We can eventually turn this into a game and
> invite other people from the internet to participate in the hacking
> challenge. It would be setup like a game with each level requiring you to
> hack a binary in that directory, giving you permissions higher up in the
> chain... first guy to reach max permissions can touch a file
> bindWuzHere31337 or whatever ;).
>
> I'm very pleased there are people interested. I will work very hard to put
> together a coherent lesson plan and will help everyone move forward in their
> endeavors to hack the planet. My only weakness as a teacher in this
> situation is that I am out of the loop on the latest and greatest
> techniques. The good thing though is that the principles that are taught in
> this class remain relevant despite the extra hoops you now have to jump
> through these days.
>
> This will be a lesson on hacking Linux systems on x86 processors. I am not
> super knowledgeable about windows hacking, although if this is a success, I
> will call up some friends who will be able to supplement. We can also
> perform a case study of Mac OSX as it is a ripe system for hacking despite a
> small remote attack surface.
>
> We will also study vulnerability discovery methods such as source code
> auditing, closed source reverse engineering and fuzzing. We will also be
> going over x86 assembly for writing shellcode, debugging with gdb. You can
> write the actual exploits in any language you wish. I will take votes on
> what most people know. We could write them in C, Ruby or Python. I'd prefer
> C.
>
> I'm very excited. Stay tuned for more details!
>
> Also if you guys are interested in checking out some of my older exploits:
>
> http://unmarshal.github.com
>
> I posted my good ones that got me pretty far back in the day ;)
>
> I am slowly uploading all of my hacking tools circa 1998-2005. Most of them
> are simply relics, but they have some interesting stories behind them
> nonetheless.
>
> -Marshall aka bind
>
>
>
> On Jun 22, 2009 7:11pm, Daniel Packer <dp at danielpacker.org> wrote:
> > I'd be interested in participating in this remotely if possible.
> >
> > Several weeks back I tried to organize this and have the names of
> >
> > several interested parties. If you search the archives you'll find a
> >
> > few folks who were even interested in offering tutorials(Dr. Jesus for
> >
> > example).
> >
> >
> >
> > Great idea, wish you the best.
> >
> >
> >
> > -Daniel
> >
> >
> >
> >
> >
> > >> I'm a bit rusty, but I am looking for a reason to jump back in to the
> >
> > >> above mentioned topics.  Would anyone be interested in attending a
> >
> > >> class about reverse engineering software on intel processors and/or
> >
> > >> identifying vulnerabilities in C code and exploitation techniques? I
> >
> > >> spent a lot of time in the hacking scene and the computer security
> >
> > >> industry doing these things and burned out and left it for full time
> >
> > >> programming about 2 years ago.  I would have no problem teaching an
> >
> > >> introductory class on these topics.  I will admit, I'm not super hip
> >
> > >> on the latest in protection techniques that guard against these
> >
> > >> attacks, but I could teach the fundamentals while getting up to speed
> >
> > >> on circumventing the protection techniques.
> >
> > >>
> >
> > _______________________________________________
> >
> > Noisebridge-discuss mailing list
> >
> > Noisebridge-discuss at lists.noisebridge.net
> >
> > https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
> >
>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>


-- 
Freelance web development, graphics design, etc.
http://www.micahleedesigns.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20090624/5893c92d/attachment-0003.html>

More information about the Noisebridge-discuss mailing list