Notes Index for Secure Software

Intro to Secure Software Design:

Preamble: Why I'm teaching x86 in Secure Software Design

PWN rigs, a few options for reversing stuff

Mastery Goal A:

Learn just enough C to compile an executable that does some basic stuff

Mastery Goal B:

Learn enough x86 to see the C

Never used: C basics, compiling, loops, etc.

Adjusted notes class 2: C as ASM++, intro to reversing

https://pwnwizard.com/

Intro to x86, Framework of all exploits, First crackmes

Radare2 101

Mastery Goal C:

Calling Conventions!

Part 2: Calling Conventions and Parameters

Project 1:

Creative Calling Conventions

Mastery Goal D:

pwntools QUICK REFERENCE GUIDE

Our first baby buffer overflow

Mastery Goal E:

Shellcode and leak processing for chall_03

Mastery Goal F:

Intro to ROP

32-bit Arguments, applied calling conventions

Mastery Goal H:

looting wal-mart / escape into glibc

Mastery Goal G:

PLT/GOT for linking and random address hacks

Mastery Task I:

Class 12: Format String Vulnerability

Mastery Task L:

syscall, int 0x80, sigreturn (SROP)

THE HEAP PARTS:

Master gdb with pwndbg and learn the fundamentals of the heap

Heap 1: Intro to heap, MOM'S SPAGHETTI, HEAP REFERENCE GUIDES

Heap 2: Heap Vibe Check, let's explore a Use-After-Free and corrupting a linked-list