[Noisebridge-discuss] Hack the Planet

Zephyr Pellerin zephyr.pellerin at gmail.com
Wed May 2 23:35:15 UTC 2012


This post has a soundtrack, please listen to it while reading --
http://www.youtube.com/watch?v=k07cflKCl-Y

A dark star riseth over Noisebridge's Zenith! The machinations of
wickedness and dramatics are building as they work against our noble and
valiant struggle for excellence.

Life is a beautiful thing and your time here is quite limited. In
observation of this, why don't we get back to some actual hacking, rather
than whatever inanity plagues the discuss list?

Without further ado, I present an upcoming workshop long in the making --
Finding and Writing (Functional) Exploits in the 21st Century.

Tired of the classic smashing the stack or format string exploitation
introduction, knowing that stack-based buffer overflows haven't been useful
in, like, forever?  Want to get paid to talk shit on DamageLab.org while
subverting the inequitable capitalistic systems of control?  Just want to
have a lot of 0 daze?

You'll learn the feng shui of writing exploits that use the deterministic
nature of Javascript heap allocators to correctly lay out memory to hit
your NOP sled and get that EIP (or die tryin') !

You'll learn some Linear Algebra and Stochastic Calculus, but it will be
gentle.

You'll learn just-in-time bytecode spraying in Actionscript and .NET
controls.

You'll learn the elements of hijacking vtable function pointers to your own
code!

You'll learn the internals of SpiderMonkey and Trident!

You'll learn how to rewind the stack and object state to make it look like
nothing happened :3

You might even walk out with a zero day vulnerability for a major web
browser.

Can't even overflow the kitchen sink? Made an "appearance" in the last
ZF0/el8? Want to be the one that writes the tools rather than "gets the
concepts"? Don't have any idea what I just said?  That's OK! Let me show
you how it works! Don't let David Aitel or Elite Darkside Hakker Carl
intimidate you -- This could be done by a sufficiently trained monkey. (I'm
pursuing a social, hyperlocal lesser apes fuzzing startup right now!)

After this hackshop, everyone will whisper of your elite status, people of
the opposite sex will flock to you with news of your renown. At the very
least you won't look like a tool when you start talking to people who know
what they're talking about.

So then,

On May 10th, with prerequisites and introductions to assembly starting at
2:30, and the main course at 6:00, it's going to be a fun time for the
whole family!

Come one! Come all! All computer and math skill levels welcome! I'm not
afraid of bringing you up to speed, no matter your current acceleration!

Want to compensate me? Don't! Instead, be a cool dude or dudette and donate
to the bridge! Radical, bro!