STATUS ██████ ██████ ███████ ███ ██ ██ ██ ██ ██ ██ ████ ██ ██ ██ ██████ █████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██████ ██ ███████ ██ ████
foulab.org / ARTICLE
Unicorn Engine : Skills Weaponized, Recognize the Clockwork
by [Danukeru] @ 2019-02-02 20:14:23 -0500



Sunday February 24th 2019 @ 10:00

Goals:
We will learn how to reverse engineer a basic buffer overflow vulnerability.
Part of this will be an introduction to fuzzing for the vulnerability, followed by how to write a piece of
modern exploit code that will work around Address Space Layout Randomization and Write/Execute Exclusion.

This will be a Windows10 focused tutorial.

Bringing your own laptop with Win10 installed in some fashion is required.

More advanced techniques will be seen as time permits.

Subjects covered:

  • Setting up x64dbg on windows, and navigating a basic binary.
  • Integrating this with unicorn engine.
  • OS end execution model for Win10 overview.
  • Exploit code and shellcode development.
  • Basic fuzzing of input through hooking the binary using unicorn engine.
  • Stretch goal: if time permits, we will leverage Z3 based SMT solvers to fuzz.

This is an advanced course.

8 hours has been assigned to the block with an hour for lunch. Finishing at 18:00.
Knowledge of at least python scripting as well as the basics of computer science is required.

A 25$ donation at the door is strongly encourged to support FOULAB.


Valid XHTML 1.0 Transitional Valid CSS Level A conformance icon, W3C-WAI Web Content Accessibility Guidelines 1.0 Creative Commons Non-commercial License with Attribution 3.0 Made in Quebec
Except where otherwise noted, content on this site is licensed under a Creative Commons Non-Commercial with Attribution 3.0 License.  Creative Commons Non-commercial Attribution 3.0 License