CNIT 127: Exploit Development
Spring 2018 Sam BowneSchedule · Lecture Notes · ProjectsScoresAvailable to Everyone Free |
Pirate Class
To get official credit, |
Catalog DescriptionLearn how to find vulnerabilities and exploit them to gain control of target systems, including Linux, Windows, Mac, and Cisco. This class covers how to write tools, not just how to use them; essential skills for advanced penetration testers and software security professionals. Student Learning Outcomes1. Read and write basic assembly code routines Textbook"The Shellcoder's Handbook: Discovering and Exploiting Security Holes ", by Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte; ASIN: B004P5O38Q Buy from Amazon QuizzesThe quizzes are multiple-choice, online, and open-book. However, you may not ask other people to help you during the quizzes. You will need to study the textbook chapter before the lecture covering it, and take the quiz before that class. Each quiz is available for one week, up till 12:30 pm Saturday. Each quiz has 5 questions, you have ten minutes to take it, and you can make two attempts. If you take the quiz twice, the second score is the one that counts, not necessarily the higher score. Live StreamingYou can attend class remotely using Zoom. |
Schedule (may be revised) | ||||
---|---|---|---|---|
Date | Due | Topic | ||
Sat 1-20 | Class 1: Ch 1: Before you Begin
| |||
Sat 1-27 | Ch 1 Quiz** Ch 2 Quiz** |
Class 2: Ch 2: Stack overflows on Linux
| ||
Sat 2-3 | Ch 3 Quiz** | Class 3: Ch 3: Shellcode
| ||
Sat 2-10 |
Ch 4 Quiz* Proj 0, 1, & 2 due |
Class 4: Ch 4: Introduction to format string bugs
| ||
Sat 2-17 | Holiday - No Class | |||
Sat 2-24 |
Ch 5 Quiz* Proj 3 & 4 due |
Class 5: Ch 5: Introduction to heap overflows
| ||
Sat 3-3 |
Ch 6 Quiz* Proj 5 & 6 due |
Class 6: Ch 6: The Wild World of Windows
| ||
Sat 3-10 |
No Quiz due Proj 7 & 8 due |
Class 7: Lecture 7: Intro to 64-Bit Assembler (Not in book)
| ||
Sat 3-17 |
Ch 8a Quiz* Proj 8a & 8b due |
Class 8: Ch 8: Windows overflows (Part 1)
| ||
Sat 3-24 |
Ch 8b Quiz* Proj 9 due |
Class 9: Ch 8: Windows overflows (Part 2)
| ||
Sat 3-31 | Holiday - No Class | |||
Sat 4-7 |
Class Cancelled for TORO.HACK |
|||
Sat 4-14 |
Ch 14 Quiz* Proj 10 & 11 due |
Class 11: Ch 14: Protection Mechanisms
| ||
Sat 4-21 |
Ch 16+17 Quiz* Proj 12 & 13 due |
Class 12: Ch 16: Fault Injection Ch 17: The Art of Fuzzing
| ||
Sat 4-28 |
Ch 18 Quiz* Proj 14 & 15 due |
Class 13: Ch 18: Source Code Auditing
| ||
Sat 5-5 | No Quiz Proj 16 due |
Class 14: Hopper Debugger
| ||
Sat 5-12 |
| |||
Wed 5-16 - Wed 5-23 |
Final Exam available online throughout the week. You can only take it once. | |||
* Quizzes due 30 min. before class ** Not counted as late until 2-10 |
LecturesGrading Policy · First Day Handout
Introduction to Exploitation: Linux on x86
Ch 1: Before you begin ·
KEY ·
PDF
WindowsCh 6: The Wild World of Windows · KEY · PDFLecture 7: Intro to 64-Bit Assembler (Not in book) · KEY · PDF We'll skip Ch 7: Windows shellcode
Ch 8: Windows overflows (Part 1) ·
KEY ·
PDF We'll skip chapters 9 through 13
Ch 14: Protection Mechanisms ·
KEY ·
PDF Vulnerability DiscoveryWe'll skip chapter 15
Ch 16: Fault Injection and 17: The Art of Fuzzing ·
KEY ·
PDF |