by Ron Munitz, The Premium Software Consulting Group (PSCG)
This intensive hands-on course teaches experienced low-level developers and malware researchers the theory and practice of ARM/AARCH64 exploitation through a rigorous curriculum covering low-level software attacks, modern compiler, hardware and operating system protections, and how to bypass them.
TARGET
The course is targeted towards Linux/ARM/AARCH64 platforms and will address practical IoT, Linux Servers, and mobile device concerns.
OBJECTIVES
By the end of the course you will:
Understand and implement software attacks on ARM architecture native code
Understand hardware, compiler, and Linux operating system protections and bypass such protections
TARGET AUDIENCE
Security personnel with practical experience, C/C++ developers, Security Researchers.
COURSE DETAILS
Date: 24-27 Jun 2019
Venue: ICE71, 71 Ayer Rajah Crescent, #02-18, Singapore 139951
COST
Early Bird (Sign up by 31 May 2019): $4,200 SGD
Standard (Sign up by 16 Jun 2019): $4,500 SGD
Late: $4,800 SGD
OUTLINE
Introduction
Evolution of Computing Devices
Modern-day Interesting ARM Use Cases: IoT, Mobile, Servers, Desktops.
Introduction to Reverse Engineering
About Vulnerabilities
About Exploits
Real-Life Examples
Computer Architecture
Introduction to ARM Architecture
ARM Licensing
Exception Levels
Boot Process
ARM/AARCH64 Assembly
Instruction Set Overview
Special & Hidden Instructions
Memory Units
ELF Format Basics — a program's view in memory.
CPU Modes
Labs
Binary File Format
Linux Kernel init loading and binfmt
Binary loading procedures
ELF format
Static Linking
Dynamic Linking
Other formats [Mach-O]
Compiler flags
Labs
Memory Corruptions — Part 1/3
Stack buffer overflow
Demo
Labs
Preliminary Research
Static analysis - objdump, IDA
Debugging - gdb & IDA
Using Crash Dumps
Custom Hooks
/proc/ File System
Environment Variables
Auditing & Fuzzing
Memory Auditing
Existing Fuzzing Tools
Creating Custom Tools
Labs
Memory Corruptions — Part 2/3
Implementing Stack Buffer Overflow Shellcode
Dynamic Linking: Interposing
Heap Overflow
Integer Overflow
Format String Vulnerabilities
Use-After-Free
Double-Free
Labs
Protections & Bypassing — Part 1/2
DEP & XN bits
Stack Canaries
Labs
Memory Corruptions — Part 3/3
Type Confusion
Information Disclosure
Race Conditions
Labs
Shellcode Crafting
Art of the Shellcode
Remote Shell
Finalising Payload
Labs
Protections & Bypassing — Part 2/2
ASLR — Address Space Layout Randomization
Bypassing ASLR
Partial Address Overwrite
Using Predictable Information
Using Information Disclosure
Custom Protections
Summarising Exercise
Advances in Operating Systems, Toolchains & Hardware & Final Words
GCC roadmap
LLVM/Clang roadmap
Linux Kernel roadmap
Android roadmap
MacOS roadmap
ARM roadmap
PREREQUISITES
Essential:
Significant C/C++ or (any architecture) assembly development experience
Familiarity with Linux command-line tools
Recommended:
ARM and AARCH64 assembly language proficiency
Embedded Linux development experience
Working knowledge of Linux command-line tools
Theoretical knowledge of Operating Systems
WHAT TO BRING
Attendees are to bring laptops with at least 30GB of free space. The instructor will provide both instructions for setting up your own Linux station and a VMware Player image with all the required materials.
ABOUT THE TRAINER
RON MUNITZ, CEO of The PSCG Premium Consulting group, is a parallel entrepreneur, specialising in Operating System internals and Embedded Security. His experience ranges from esoteric real-time operating systems and all kinds of industrial devices to anything Unix/Linux flavoured, with renowned expertise in the Linux kernel, XNU Kernel and the Android and MacOS ecosystems. Ron is an experienced lecturer who has trained thousands of engineers for The PSCG, ARM and the Linux Foundation, and has initiated and led cybersecurity tracks in several universities.
When not teaching or consulting, Ron is leading PSCG Holdings LTD, a house of excellence for entrepreneurs-researchers, active in the Aerospace, Maritime, Automotive and Mobile cybersecurity domains.
In his previous lifetimes, Ron founded Nubo Software, the first Android display protocol, brought up Linux and some RTOS's on more boards than he can remember, did all kinds of security-related work ( ;-) ), and led the development of a couple of satellite launchers ( ;-) ;-) ).