Notes Index for Secure Software

Intro to Secure Software Design:

Preamble: Why I'm teaching x86 in Secure Software Design

PWN rigs, a few options for reversing stuff

Class 3: Intro to x86, Framework of all exploits, First crackmes

Mastery Goal A:

Learn just enough C to compile an executable that does some basic stuff

Optional Class 1: C basics, compiling, loops, etc.

Adjusted Class 1, now class 2: C as ASM++, intro to reversing

Mastery Goal B:

Class 4: CONTINUED Intro to x86, Framework of all exploits, First crackmes

Class 5: Practicing reversing

Class 6: Crackmes!

Mastery Goal C:

Class 7: Calling Conventions!

Class 9: Calling Conventions and Parameters

Mastery Goal D:

Class 8: pwntools and baby buffer overflow (link here doesn't matter, we invented the lecture)

Class 12: 32-bit Arguments, applied calling conventions

Mastery Goal E:

Class 10: Shellcode and leak processing for chall_03

Mastery Goal F:

Class 11: Intro to ROP, adding an argument to a win

Mastery Goal G+H:

Class 13: ret2libc

Catch-up Q and A

Class 14: Interactive Help Session

Class 17: Just do the work

Mastery Task I:

Class 15: Format String Vulnerability

Mastery Task J:

Class 16: Write-What-Where

Mastery Task K:

WWW part 2

Mastery Task L:


Mastery Task M:

Hello Heap

CTF Heaps, and Use-After-Free

HEAP Recap, tcache-poisoning AKA UAF pt 2

how2heap,, patchelf AKA Getting the RIGHT glibc wired correctly

free_hook, complete UAF demo, tmux script

fake chunks, the bugs that make heap exploits, and our first heap overflow

No UAF Yes Double-free, fastbins vs tcache, heap flow charts, intro to fastbin dup

Fastbin Dup and fake sizes, in practice

Quick recap of the heap

House of Botcake WWW

Project 2 - Interactive

Exit Funcs, going for cutting-edge

Lab day(s): Everyone transcend via glibc 2.34+

Last Day Wrap-Up