• LOGIN
  • No products in the cart.

Exploit Development on Linux Platform – Workshop eBook

Download
File
Hakin9_W10.pdf

Welcome to the workshop on Linux exploit development. In this workshop, we will explore how you can work on exploit development while being on Linux as an operating system. To complete this workshop, you are supposed to have prerequisite requirements in Linux as an operating system.

This e-book contains text materials from the course.

INSIDE

Module 1 – Setting up the Linux Environment

  • Introduction Prerequisite


  • Lab Requirements


  • Download Ubuntu


  • Setup VM for Ubuntu


  • Some Basics

    •  What is GCC?



  • What is GDB?

    • Key Note



  • GDB Environment


 

Module 2 – Linux Basics and Command Line

  • Introduction


  • PreRequisite


  • Linux Key Components


  • Linux Shell


  • Different types of Shell


  • Default Shell (Bash)


  • Linux File System


  • What is Data Block?


  • What is Inodes?


  • Linux File System Layout


  • Linux File System Hierarchy


  • Some Linux Commands and their usage


 

Module 3 – Buffer overflows

  • Introduction


  • Prerequisites


  • The Basics


  • Why do we need stack?


  • What is Buffer Overflow?


  • Types of Buffer Overflows


  • Stack Buffer Overflow


  • Heap Buffer Overflow


  • Off-by-One Errors (loop of code)


  • Buffer Overrun


  • Format String Attack


  • How to Mitigate Buffer Overflows?


  • Non-executable stack, heap, data sections


  • Address Space Layout Randomization (ASLR)


  • Stack Smashing Protection (SSP)


  • Why you should learn about buffer overflows?


  • Methods for Buffer overflows testing


  • Black Box Testing


  • Gray Box Testing


  • Summary


 

Module 4 –Vulnerable Code in “C” Language

  • Introduction


  • Prerequisites


  • Debugging on Linux with GDB

    • Example 1


    • Lab 1


    • Example 2



  • Overwriting EIP register

    • Example3



 

Module 5 – Exploiting the Vulnerable Code on Linux

  • Introduction


  • Prrequisite


  • Controlling EIP


  • Download shellcode generator


  •  Coding our Exploit


  • EIP Value to be used



Download
File
Hakin9_W10.pdf

April 1, 2016

Leave a Reply

Be the First to Comment!

Notify of
avatar
wpDiscuz

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013