Course Syllabus is now available:
[download]
Course Overview
- The legal aspects of reverse engineering.
- Assembly language for IA-32 compatible processors and how to read compiler-generated assembly language code.
- The general principles behind malicious software and how reverse engineering is applied to study such program.
Expected Background
- Basic programming concepts (e.g. complete Java I, II)
- Knowledge with the C programming language, including pointers, arrays, loops, function calls, etc.
- Familiar with Unix/Linux including the command-line shell and gdb
- Familiar with Intel x86 assembly language and architecture
- Familiar with web programming concepts (HTML, HTTP, TCP, network communications)
Textbook
No Textbook
Reference book:
- Randal E. Bryant, Davie Richard O'Hallaron, Computer Systems: A Programmer's Perspective, 3rd Edition, ISBN 978-0134092669
- Kris Kaspersky, Hacker Disassembling Uncovered, 2nd Edition, ISBN 978-1931769648
- Eldad Eilam, Reversing: Secrets of Reverse Engineering, 1st Edition, ISBN 978-0764574818
Course Content
| # | Date | Topic | Slides | Supporting Materials |
|---|---|---|---|---|
| Class 1 | Aug 24, 2020 | Introduction [Video] | ch01.pdf | |
| Class 2 | Sep 04, 2020 | IA-32 Register, Byte Ordering, x86 ASM [Video] | ch02.pdf |
|
| Class 3 | Sep 11, 2020 | Stack and Stack Frame [Video] | ch03.pdf |
|
| Lab 1 (5 points) |
Sep 11, 2020 | Lab: Stack and Stack Frame
Due on: 09/23/2020 23:59:59
|
lab1.pdf |
|
| Class 4 | Sep 18, 2020 | System Call and Shellcode [Video] | ch04.pdf |
|
| Class 5 | Sep 26, 2020 | Stack Overflow [Video] | ch05.pdf |
|
| Lab 2 (5 points) |
Oct 1, 2020 | Lab: Stack Overflow
Due on: 10/10/2020 11:00:00
|
lab2.pdf |
|
| Class 6 | Oct 08, 2020 | Return-oriented Programming (ROP) [Video] | ch06.pdf |
|
| Lab 3 (5 points) |
Oct 8, 2020 | Lab: Return-oriented Programming (ROP)
Due on: 10/17/2020 11:00:00
|
lab3.pdf |
|
| Class 7 | Oct 18, 2020 | Return-to-libc attack & ASLR [Video] | ch07.pdf |
|
| Lab 4 (5 points) |
Oct 18, 2020 | Lab: Return-to-libc attack
Due on: 10/26/2020 23:59:59
|
lab4.pdf |
|
| Class 8 | Nov 02, 2020 | PLT, GOT & Return-to-plt Attack & GOT Overwrite Attack [Video] | ch08.pdf |
|
| Class 9 | Nov 13, 2020 | Multi-Stage Exploits, StackGuard & Format String Bug [Video] | ch09.pdf | multi_stage.c exp_multi_stage.py easy_canary_32.c easy_canary_exp_32.py easy_canary_64.c easy_canary_exp_64.py fmt_write.c fmt_wrong.c fmtstr.c fmtstr_exp.py |
| Lab 5 (5 points) |
Nov 14, 2020 | Lab: Multi-Stage Exploits
Due on: 11/30/2020 23:59:59 Your submission should include: A detailed project report in PDF format to describe what you have done, including screenshots and code snippets and content inside flag. |
Target IP: 144.26.62.188 Target Port: 7777 Vulnerable program: lab5 (lab5.c) Target File (flag): flag ASLR/NX is on, StackGuard and PIE is off Hint Libc version: libc6-i386_2.31-0ubuntu9.1_amd64 [Link] |
|
| Final Project (40 points) |
Nov 24, 2020 | "Very Safe()"
Due on: 12/12/2020 23:59:59 Your submission should include: A detailed project report in PDF format to describe what you have done, including screenshots and code snippets and content inside flag. |
Target IP: 144.26.62.184 Target Port: 8888 Vulnerable program: final(final.c) Target File (flag): flag ASLR/NX and StackGuard are on, PIE is off Hint Libc version: libc6-i386_2.31-0ubuntu9.1_amd64 [Link] |
|
Tutorials and Supporting Materials
- Download MobaXterm (Windows)
- How to use VIM
- How to use Nano
- Overview of IA-32 assembly
- x86 Assembly Language Reference Manual
- A Guide to Programming Intel IA32 PC Architecture programming
- RMS's gdb Tutorial
- How to connect to Badger CTF (Windows)Updated
- How to connect to Badger CTF (MacOS, Linux)Updated
- pwntools - CTF toolkit new
- Pwntools Tutorials new
- GEF - GDB Enhanced Features