RCE
founder:	root
depends on:
interested:	biiter ruza
software license:
hardware license:

~~META: status = active &relation firstimage = :project:rce.png ~~

• security research
• education

16.12.2011 20:00 - date vote poll
Provedeni resenim challenge http://canyoucrackit.co.uk.
Postupne si vysvetlime co se po nas v zadani chtelo a jak se to melo resit.

• http://immunityinc.com/products-immdbg.shtml
• http://www.hex-rays.com/products/ida/support/download_freeware.shtml

• http://www.binary-auditing.com/

• http://www.openrce.org/reference_library/
• http://www.woodmann.com/
• http://vx.netlux.org/

• http://sts.synflood.de/dump/doc/RE_I.txt
• http://sts.synflood.de/dump/doc/RE_II.txt
• http://hexblog.com/files/recon%202010%20Skochinsky.pdf
• http://thelegendofrandom.com/blog/sample-page

Date to be announced.

1. from boot to root

• x86 boot process (modes)
• grub
• kernel main
• init
• rc.d
• root

2. running process

• elf
• loader (libraries)
• environment (input/ipc)
• syscalls (process/kernel)
• library call (.plt)

3. debugging

• ltrace
• strace
• ptrace
• gdb
• basic disassembly

4. creating program

• memory layout
• stack
• heap
• object placement (variables in memory)
• gcc

5. reverse engineering

• advanced disassembly
• basic constructions (functions)
• code flow control
• de/obfuscation
• examples

6. vulnerability exploitation

• buffer
• types
• shellcode
• pwn
• examples

7. code review

• taossa
• secure coding
• xorl

8. vulnerability discovery

• code review
• documentation
• fuzzing