
Unicorn Engine: Skills Weaponized, Recognize the Clockwork

By Danukeru, on 2019-02-02 20:14:23 -0500 EST





Sunday February 24th 2019 @ 10:00

Goals:
We will learn how to reverse engineer a basic buffer overflow vulnerability.
Part of this will be an introduction to fuzzing for the vulnerability, followed by how to write a piece of
modern exploit code that will work around Address Space Layout Randomization and Write/Execute Exclusion.

This will be a Windows 10-focused tutorial.

Bringing your own laptop with Win10 installed in some fashion is required.

More advanced techniques will be seen as time permits.

Subjects covered:

  • Setting up x64dbg on Windows, and navigating a basic binary.
  • Integrating this with Unicorn Engine.
  • Overview of the OS-end execution model for Win10.
  • Exploit code and shellcode development.
  • Basic fuzzing of input through hooking the binary using Unicorn Engine.
  • Stretch goal: if time permits, we will leverage Z3-based SMT solvers to fuzz.

This is an advanced course.

8 hours have been assigned to the block, with an hour for lunch, finishing at 18:00.
Knowledge of at least Python scripting as well as the basics of computer science is required.

A 25$ donation at the door is strongly encouraged to support FOULAB.