BSidesSLC has ended
Back To Schedule
Thursday, February 21 • 10:00am - 6:00pm
Basic Memory Corruption: Introduction to Stack-based Exploitation

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This is a course on basic stack-based exploitation. We’ll begin with a review of how memory management works within an IA32 architecture, before diving headfirst into classic attacks such as buffer overflows, format string exploits, and DTOR/GOT overwrites. We’ll also learn how to write shellcode and bypass non-executable stacks using return-to-libc attacks. Finally, we’ll go over some basic mitigations to the techniques we’ve learned. This is meant to be a foundational course that can serve as jumping off point for students wishing to learn more advanced topics such as ROP chains, heap sprays, use after free, and defeating ASLR. Students should each bring a laptop equipped with VMWare or VirtualBox and provisioned with at least 25GB of disk space and 8GB of memory. Prior exposure to C programming, assembly, and basic memory management concepts are highly recommended in order to benefit from this course.

avatar for Gabriel Ryan

Gabriel Ryan

Gabriel Ryan is a researcher and security consultant with a passion for wireless and infrastructure testing. He currently serves as a Principal Consultant for Mandiant, a FireEye company, supporting their Red Team practice in Denver.Some of Gabriel’s most recent work includes the... Read More →

Thursday February 21, 2019 10:00am - 6:00pm PST
Sego Lilly D

Attendees (7)