The Internet of Things (IoT) universe comprises largely of ARM based systems. The ARM IoT Exploit Laboratory debuts in 2017, bringing you two intense 2-day courses featuring a practical hands-on approach to exploit development on ARM based systems. This class is perfectly suited for students who are keen to dive into the world of modern ARM exploit development.
Our introductory level class begins with an introduction to ARM architecture and ARM assembly language and moves quickly onto debugging techniques for ARM systems, exploiting buffer overflows on ARM devices running Linux, writing ARM shellcode from the ground up and putting together practical ARM exploits for embedded systems. Our lab environment features both hardware and virtual machine targets.
This class also establishes the groundwork and knowledge required for "The Advanced ARM IoT Exploit Laboratory" which specifically focusses on bypassing exploit mitigation techniques such as XN (DEP) and ASLR.
***For those keen on end to end ARM exploitation, it is recommended to take both the Intro and Advanced classes in succession in a 4-day format: https://www.blackhat.com/us-17/training/arm-iot-exploit-laboratory-advanced.html*** As with the popular Exploit Laboratory, all topics are delivered in a down-to-earth, learn-by-example methodology. The same trainers who brought you The Exploit Laboratory for over 10 years have been working hard in putting together an all new class based on past feedback!
LEARNING OBJECTIVES:
-------------------
- Introduction to the ARM CPU architecture
- Exploring ARM assembly language
- Understanding how functions work in ARM
- Debugging on ARM systems
- Exploiting Stack Overflows on ARM
- Writing ARM Shellcode from the ground up
- Exercises: Putting together practical end-to-end ARM/Linux exploits
- The Lab environment is a mixture of physical ARM hardware and ARM virtual machines.
DAILY SCHEDULE:
---------------
DAY 1
- Introduction to the ARM CPU architecture
- Exploring ARM assembly language
- EXERCISE - Examples in ARM Assembly Language
- Debugging on ARM systems
- Understanding how functions work in ARM
- Exploiting Stack Overflows on ARM
- EXERCISE - ARM Stack Overflows
DAY 2
- Writing ARM Shellcode from the ground up
- Simple ARM Shellcode
- Complex ARM Shellcode
- Shellcode optimization and avoiding NULL bytes
- EXERCISE - Embedded Web Server exploit
PREREQUISITES:
--------------
- A conceptual understanding of how functions work in C programming
- Knowledge of how a stack works, basic stack operations
- Familiarity with debuggers (gdb, WinDBG, OllyDBG or equivalent)
- Not be allergic to command line tools.
- Have a working knowledge of shell scripts, cmd scripts or Perl.
- If none of the above apply, then enough patience to go through the pre-class tutorials.
- SKILL LEVEL: INTRODUCTORY (leaning towards intermediate)
PRE-CLASS TUTORIALS:
--------------------
The following tutorials have been specially prepared to get students up to speed on essential concepts before coming to class.
- Operating Systems - A Primer
http://www.slideshare.net/saumilshah/operating-systems-a-primerhttp://www.slideshare.net/saumilshah/how-functions-work-7776073- Introduction to Debuggers
http://www.slideshare.net/saumilshah/introduction-to-debuggersStudents will be provided with all the lab images used in the class. The ARM IoT Exploit Laboratory uses a "Live Notes" system that provides a running transcript of the instructor's system to all the students. Our lab environment, plus about 700MB of curated reading material, will be made available to all attendees to take with them and continue learning after the training ends.
