YoVDO

Reverse Engineering Linux 32-bit Applications

Offered By: PentesterAcademy

Tags

Reverse Engineering Courses Cybersecurity Courses Python Courses Assembly Language Courses IDA Pro Courses Buffer Overflow Courses Exploit Development Courses Heap Overflows Courses

Course Description

Overview

This course will familiarize students with all aspects of reverse engineering (reversing) Linux 32-bit applications for the purposes of locating flaws and developing exploits. By the end of this course students will be able to understand, locate, and exploit all of the common flows in 32-bit Linux software. These flaws include, but are not limited to, buffer overflow, heap overflows, format string flaws, section overflows, and kernel flaws. Along the way students will gain a better understanding of how Linux 32-bit applications work and will be exposed to a number of common reversing tools such as specialized debuggers (IDA Pro) and fuzzers.  As always, you will also learn how to leverage Python and other scripting tools in order to automate the discovery and exploitation of software flaws.


Syllabus

  1. Course Introduction
  2. Getting Started
  3. Evan's Debugger
  4. GDB Debugger
  5. IDA Pro
  6. A Little Bit of Assembly Part 1
  7. A Little Bit of Assembly Part 2
  8. A Little Bit of Assembly Part 3
  9. A Little Bit of Assembly Part 4
  10. Stack Buffer Overflows Part 1: The Basics
  11. Stack Buffer Overflows Part 2: A Simple Example
  12. Stack Buffer Overflows Part 3: Stack Protection
  13. Stack Buffer Overflows Part 4: Calculating Offsets
  14. Stack Buffer Overflows Part 5: JMP ESP
  15. Stack Buffer Overflows Part 6: More Stack Protection
  16. Stack Buffer Overflows Part 7: Return to Libc
  17. Stack Buffer Overflows Part 8: Chaining Return to Libc
  18. Stack Buffer Overflows Part 9: ASLR and the PLT
  19. Stack Buffer Overflows Part 10: GOT Overwrite and Dereference
  20. Stack Buffer Overflows Part 11: Stack Canaries and Summary
  21. Heap Buffer Overflows Part 1: Heap Basics
  22. Heap Buffer Overflows Part 2: Simple Examples
  23. Heap Buffer Overflows Part 3: Simple Examples Continued
  24. Heap Buffer Overflows Part 4: More Examples
  25. Heap Buffer Overflows Part 5: Still More Examples
  26. Format String Flaws Part 1: The Basics
  27. Format String Flaws Part 2: Crashing Programs
  28. Format String Flaws Part 3: Reading Data From the Stack
  29. Format String Flaws Part 4: Reading Arbitrary Memory Locations
  30. Format String Flaws Part 5: Writing to Arbitrary Memory Locations and Summary
  31. Kernel Flaws Part 1: How Linux API Functions are Called
  32. Kernel Flaws Part 2: 32-bit System Calls
  33. Reversing Malware Part 1: The Basics
  34. Reversing Malware Part 2: First Steps
  35. Reversing Malware Part 3: Symbols and Libraries
  36. Reversing Malware Part 4: ELF Files
  37. Reversing Malware Part 5: Examining Sections and Segments
  38. Reversing Malware Part 6: Setting Up a Sand Box
  39. Reversing Malware Part 7: Setting Up a Sand Box Continued
  40. Reversing Malware Part 8: Using Strace and Ltrace
  41. Reversing Malware Part 9: Using Evan’s Debugger
  42. Reversing Malware Part 10: Using GDB Debugger
  43. Reversing Malware Part 11: Obfuscation
  44. Course Wrapup

Taught by

Dr. Philip Polstra

Related Courses

CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent Offensive Penetration Testing
LinkedIn Learning Penetration Testing: Advanced Kali Linux
LinkedIn Learning Exploit Development and Execution with the Metasploit Framework
Pluralsight Security for Hackers and Developers: Exploit Development
Pluralsight