Assembly and Hacking Class
Instructor and fellow newb: Gleep
Date and Time: Next class will be August 10th, 2013. Class times will generally be from when I get there (approx. 7:30 pm) until 11 pm.
Pretty much everything I am going to be talking about can be found online in several places if you want to start studying.
Here are some great resources:
SecurityTube - great tutorials http://www.securitytube.net/groups?operation=viewall&groupId=0
Corelan Exploit Writing tutorials http://www.corelan.be/index.php/category/security/exploit-writing-tutorials/
Tuts4You - Reverse engineering, exploits, keygens, etc http://tuts4you.com/download.php
Crackmes - Reverse engineering, copy pro busting, and all completely legal :) http://www.crackmes.de/
Great books for study:
Professional Assembly Language by Richard Blum
Practical Malware Analysis by Michael Sikorski and Andrew Honig
Reversing by Eldad Eilam
This class will cover assembly language, shell-coding, and exploiting for Linux and Windows on x86 processors. Why? Because that will cover the vast majority of what you will need or want to hack.
If you want RISC, AVR, or some other flavor of assembly, you will not find it in this class. However, the lessons you learn here will help with other flavors of assembly. If you really need another specialty flavor, remember you can always make your own class and present it. I will even come and try to learn it :).
Upcoming class topics:
Class 1: Assembly Basics - Stack, Heap, Registers, Opcodes, Memory layout, Data types, working with strings, moving data
To use the GDBinit file, download it and put it in your $HOME directory, and change its name to .gdbinit
When you run GDB the next time, check out all the cool changes to your gdb screen! It's a lot more functional. Thx Datagram! Read the GDBinit file to see the various new macros you can do to make debugging easier.
We got to this in Class 1: Assembly Basics - Assembly file syntax, using a compiler, linker, and debugger, writing and compiling our first program
Class 1 HOMEWORK - download this file asmcl1hw.txt
Class 2: Assembly Basics - Floating point and signed maths, SIMD, C structures in asm, Program branch logic, Function calls and stack frames, Debugger-fu
Class 2 files: Presentation asm-pres-class2.pptx
Class 2.5: File operations with assembly, optimizing code, Linux assembly catch-all day
Class 3: Assembly Basics - Windows internals, processor modes, data types, MASM and MASM32, procedures, IDA
Class 4: Assembly Basics - Catchall day, assembly practice
Class 5: Cracking Basics - Crackmes, keygens, copy protection
Class 6: Hacking Basics - System scanning and service enumeration, Backtrack and other tools
Class 7: Hacking Basics - App fuzzing, finding and controlling EIP, Buffer overflows, generating shellcode
Class 9: Hacking Basics - More shellcoding, egg hunters, NOP sleds, working with Metasploit
Pre-reading:
Please know what a bit, nibble, byte, and word are in terms of computer data. This is an assembly and hacking class, not a basic Computer Science course, so if you do not know basic information about how a computer even operates, I ask that you put in some effort before class to educate yourself. This will help make sure you are not left behind, and that I maintain my sanity and customary good humor.
Please do some reading on Boolean logic and truth tables if you do not have a firm grasp of them already.
Boolean logic http://en.wikipedia.org/wiki/Boolean_logic
Truth Tables http://en.wikipedia.org/wiki/Truth_table
Please read and understand the difference between binary, hexadecimal, decimal, and ASCII data.
Hexadecimal info http://en.wikipedia.org/wiki/Hexadecimal
Data types http://en.wikipedia.org/wiki/Data_type
Please understand the difference between signed and unsigned data, and read up on Two's Complement. http://en.wikipedia.org/wiki/Twos_complement
What You Need:
Your laptop should have both Windows and Linux on it in some combo (Linux host, Windows VM, or vice versa), as well as a VM of Backtrack 5 R2.
A VM image of Backtrack 5 R2 http://www.backtrack-linux.org/downloads/
Dev-C++ - http://www.bloodshed.net/devcpp.html
Windbg - http://www.windbg.org/
yasm - http://yasm.tortall.net/
Sign up on the discussion page here → Assembly_Class