What to bring:
- Enough RAM
- 10 GB of empty HD Space
- VMWare Player or VMWare Workstate
- Your own copy of IDA Pro, 5.x
Black Hat USA 2010 Weekend Training Session
July 24 - 25
Finding Security Bugs in Closed-source Software: Beginner
Halvar Flake
Overview:
Due to the ever-expanding nature of the topic, and to balance skill levels in the class better, the course has been split into two halves. This is the first half, which is intended for people with less than 2 years experience in this field.
In recent years, a large proportion of the focus in security research has been on the analysis of programs in order to find memory-corruption vulnerabilities. Due to the nature of the C language, it is particularly easy for developers to create buggy applications. C and, by extension, C++ suffer from a plethora of subtle pitfalls that have contributed to the proliferation of security-critical bugs in software.
The course assumes the following:
- You know C and some C++
- You know the important bits of the Intel x86 instruction set, enough to read simple code snippets
- You have a decent idea of the 'basics', e.g. you understand simple buffer overflows and simple exploitation methods
- You do not have extensive experience in using IDA Pro
The course will cover the following:
- Security defects – from the boring historical examples to nontrivial semantic issues, from buffer overflows via integer issues to complicated object-lifetime issues
- Methodologies for source code review
- Introduction to binary review: What changes, what stays the same ?
- Using IDA Pro and other tools for bug hunting
- Reading & understanding disassemblies in order to find security defects
The course will spend approximately one day on source code and one day on binary review.
Trainer:
Halvar Flake
Founder, ZynamicsHalvar Flake is Zynamics' founder. Originating in the fields of copy protection and digital rights management, he gravitated more and more towards network securityover time as he realized that constructive copy protection is more or less fighting windmills. After writing his first few exploits he was hooked and realized that reverse engineering experience is a very handy asset when dealing with COTS software. With extensive experience in reverse engineering, network security, penetration testing and exploit development he recently joined Black Hat as their main reverse engineer.
Super Early:
Ends Apr 1 |
Early:
Ends May 15 |
Regular: |
Late: |
Onsite: |
$2000 |
$2200 |
$2400 |
$2600 |
$2900 |