Infosec In the City (IIC)

#IICSG2019 Training — ARM (AARCH64) Exploitation

by Ron Munitz, The Premium Software Consulting Group (PSCG)


This intensive course teaches experienced low-level developers and malware researchers the theory and practice of ARM/AARCH64 exploitation through a rigorous hands-on curriculum covering low-level software attacks, modern compiler, hardware and operating system protections, and how to bypass them.

TARGET

The course is targeted towards Linux/ARM/AARCH64 platforms and will address practical IoT, Linux Servers, and mobile device concerns. 

OBJECTIVES

By the end of the course you will: 

  • Understand and implement software attacks on ARM architecture native code

  • Understand hardware, compiler, and Linux operating system protections and bypass such protections

TARGET AUDIENCE

Security personnel with practical experience, C/C++ developers, Security Researchers.

COURSE DETAILS

Date: 24-27 Jun 2019

Venue: ICE71, 71 Ayer Rajah Crescent, #02-18, Singapore 139951

COST

Early Bird (Sign up by 31 May 2019): $4,200 SGD

Standard (Sign up by 16 Jun 2019): $4,500 SGD

Late: $4,800 SGD

OUTLINE

Introduction

  • Evolution of Computing Devices

  • Modern-day Interesting ARM Use Cases: IoT, Mobile, Servers, Desktops.

  • Introduction to Reverse Engineering

  • About Vulnerabilities

  • About Exploits

  • Real-Life Examples

Computer Architecture

  • Introduction to ARM Architecture

  • ARM Licensing

  • Exception Levels

  • Boot Process

  • ARM/AARCH64 Assembly

  • Instruction Set Overview

  • Special & Hidden Instructions

  • Memory Units

  • ELF Format Basics — a program view in the memory.

  • CPU Modes

  • Labs

Binary File Format

  • Linux Kernel init loading and binfmt

  • Binary loading procedures

  • ELF format

  • Static Linking

  • Dynamic Linking

  • Other formats [Mach-O]

  • Compiler flags

  • Labs

Memory Corruptions — Part 1/3

  • Stack buffer overflow

  • Demo

  • Labs

Preliminary Research

  • Static analysis - objdump, IDA

  • Debugging - gdb & IDA

  • Using Crash Dumps

  • Custom Hooks

  • /proc/ File System

  • Environment Variables

  • Auditing & Fuzzing

  • Memory Auditing

  • Existing Fuzzing Tools

  • Creating Custom Tools

  • Labs

Memory Corruptions — Part 2/3

  • Implementing Stack Buffer Overflow Shellcode

  • Dynamic Linking: Interposing

  • Heap Overflow

  • Integer Overflow

  • Format String Vulnerabilities

  • Use-After-Free

  • Double-Free

  • Labs

Protections & Bypassing — Part 1/2

  • DEP & XN bits

  • Stack Canaries

  • Labs

Memory Corruptions — Part 3/3

  • Type Confusion

  • Information Disclosure

  • Race Conditions

  • Labs

Shellcode Crafting

  • Art of the Shellcode

  • Remote Shell

  • Finalising Payload

  • Labs

Protections & Bypassing — Part 2/2

  • ASLR — Address Space Layout Randomization

  • Bypassing ASLR

  • Partial Address Overwrite

  • Using Predictable Information

  • Using Information Disclosure

  • Custom Protections

  • Summarising Exercise

Advances in Operating Systems, Toolchains & Hardware & Final Words

  • GCC roadmap

  • LLVM/Clang roadmap

  • Linux Kernel roadmap

  • Android roadmap

  • MacOS roadmap

  • ARM roadmap

PREREQUISITES

Essential:

  • Significant C/C++ or (any architecture) assembly development experience

  • Familiarity with Linux command-line tools

Recommended:

  • ARM and AARCH64 assembly language proficiency

  • Embedded Linux development experience

  • Working knowledge of Linux command-line tools

  • Theoretical knowledge of Operating Systems

WHAT TO BRING

Attendees are to bring laptops with at least 30GB of free space. The instructor will provide both instructions for setting up your own Linux station and a VMware Player image with all the required materials.

ABOUT THE TRAINER

RON MUNITZ, CEO of The PSCG Premium Consulting group, is a parallel entrepreneur specialising in Operating System internals and Embedded Security. His experience ranges from esoteric real-time operating systems and all kinds of industrial devices to anything Unix/Linux flavoured, with renowned expertise in the Linux kernel, the XNU kernel, and the Android and MacOS ecosystems. Ron is an experienced lecturer who has trained thousands of engineers for The PSCG, ARM and the Linux Foundation, and has initiated and led cybersecurity tracks in several universities.

When not teaching or consulting, Ron is leading PSCG Holdings LTD, a house of excellence for entrepreneurs-researchers, active in the Aerospace, Maritime, Automotive and Mobile cybersecurity domains.

In his previous lifetimes, Ron founded Nubo Software, the first Android display protocol, brought up Linux and some RTOS's on more boards than he can remember, did all kinds of security-related work ( ;-) ), and led the development of a couple of satellite launchers ( ;-) ;-) ).
