Null offensive hacking hands-on training.
Proposed sessions for this event:
- From Crash To Exploit by Ashfaq Ansari
We are conducting a n|u Humla session at Pune on
From Crash to Exploit: CVE-2015-6086 - Out of Bound Read/ASLR Bypass. This will be a complete hands-on session where attendees will be introduced to aspects of root cause analysis and the challenges faced during the development of a reliable exploit. We invite people who knows basics of user mode exploitation, assembly and enthusiasts. This is a per-invite based session and will be sending out the invites to only 10 people.
Ashfaq Ansari is working as Security Consultant at Payatu Technologies where he spends time experimenting and understanding different attack vectors to exploit Windows User Mode as well as Kernel Mode vulnerabilities. He likes fuzzing and a fanboy of machine learning. He is a computer enthusiast and tries to learn new things.
Introduction Out of Bound Read bugs
Understanding the bug
Root Cause Analysis
Understanding Heap Allocator
Massaging the Heap
Bypassing Address Space Layout Randomization (ASLR)
Q/A & Feedback
Hardware & Software Requirement
- A laptop capable of running one virtual machine (4/8 GB of RAM).
- 8/16 GB Flash Drive
What to Expect?
- Quick Overview of Heap Allocator
- Techniques to exploit Out of Bound Read/Write bugs
What Not to Expect?
- Elite Browser Hacker in 1 day
- Basics of User Mode Exploitation
Note: This session is conducted to introduce root cause analysis, exploitation challenges and walk-through/hands-on. We will be focused on CVE-2015-6086 and will try to make the workshop more interesting by having discussions.
This is just the
BEGINNING, not the
|Date||Saturday January 16 2016|
|Event Type||Invite Only|
|Start Time||10:00 AM|
|End Time||06:00 PM|