User Tools

Site Tools


assembly_class

Assembly and Hacking Class

omghax.jpg

Instructor and fellow newb: Gleep

Date and Time: Next class will be August 10th, 2013. Class times will generally be from when I get there (approx. 7:30 pm) until 11 pm

Pretty much everything I am going to be talking about can be found on-line in several places if you want to start studying.

Here are some great resources:

SecurityTube - great tutorials http://www.securitytube.net/groups?operation=viewall&groupId=0

Corelan Exploit Writing tutorials http://www.corelan.be/index.php/category/security/exploit-writing-tutorials/

Tuts4You - Reverse engineering, exploits, keygens, etc http://tuts4you.com/download.php

Crackmes - Reverse engineering, copy pro busting, and all completely legal :) http://www.crackmes.de/

Great books for study:

Professional Assembly Language by Richard Blum

Practical Malware Analysis by Michael Sikorski and Andrew Honig

Reversing by Eldad Eilam

This class will cover assembly language, shell-coding, and exploiting for Linux and Windows on x86 processors. Why? Because that will cover the vast majority of what you will need or want to hack.

If you want RISC, AVR, or some other flavor of assembly, you will not find it in this class. However, the lessons you learn here will help with other flavors of assembly. If you really need another specialty flavor, remember you can always make your own class and present it. I will even come and try to learn it :).

Upcoming class topics:

Class 1: Assembly Basics - Stack, Heap, Registers, Opcodes, Memory layout, Data types, working with strings, moving data

Class 1 files: Presentation asm-preso-class1.pptx Source files asmclass1.tar new GDBinit file from Datagram gdbinit.txt

To use the GDBinit file, download it and put it in your $HOME directory, and change its name to .gdbinit

When you run GDB the next time, check out all the cool changes to your gdb screen! It's a lot more functional. Thx Datagram! Read the GDBinit file to see the various new macros you can do to make debugging easier.

Class we got to this in Class 1: Assembly Basics - Assembly file syntax, using a compiler, linker, and debugger, Write and compile our first program

Class 1 HOMEWORK - download this file asmcl1hw.txt


Class 2: Assembly Basics - Floating point and signed maths, SIMD, C structures in asm, Program branch logic, Function calls and stack frames, Debugger-fu

Class 2 files: Presentation asm-pres-class2.pptx


Class 2.5: File operations with assembly, optimizing code, Linux assembly catch-all day

Class 3: Assembly Basics - Windows internals, processor modes, data types, MASM and MASM32, procedures, IDA

Class 4: Assembly Basics - Catchall day, assembly practice

Class 5: Cracking Basics - Crackmes, keygens, copy protection

Class 6: Hacking Basics - System scanning and service enumeration, Backtrack and other tools

Class 7: Hacking Basics - App fuzzing, finding and controlling EIP, Buffer overflows, generating shellcode

Class 9: Hacking Basics - More shellcoding, egg hunters, NOP sleds, working with Metasploit

Pre-reading: Please know what a bit, nibble, byte, and words are in terms of computer data. This is an assembly and hacking class, not a basic Computer Science course, so if you do not know basic information about how a computer even operates, I ask that you put in some effort before class to educate yourself. This will help make sure you are not left behind, and that I maintain my sanity and customary good humor. Please do some reading on Boolean logic and truth tables if you do not have a firm grasp of it already. Boolean logic http://en.wikipedia.org/wiki/Boolean_logic Truth Tables http://en.wikipedia.org/wiki/Truth_table Please read and understand the difference between binary, hexadecimal, decimal, and ASCII data. Hexadecimal info http://en.wikipedia.org/wiki/Hexadecimal Data types http://en.wikipedia.org/wiki/Data_type Please understand the difference between signed and unsigned data, and read up on Two's Complement. http://en.wikipedia.org/wiki/Twos_complement

What You Need:

 Your laptop should have both Windows and Linux on it in some combo (Linux host, Windows VM, or vice versa), as well as a VM of Backtrack 5 R2.

Please load:

A VM image of Backtrack 5 R2 http://www.backtrack-linux.org/downloads/

For Windows:

Dev-C++ - http://www.bloodshed.net/devcpp.html

Windbg - http://www.windbg.org/

yasm - http://yasm.tortall.net/


Sign up on the discussion page here → Assembly_Class

assembly_class.txt · Last modified: 2013/08/13 12:13 by 127.0.0.1