Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Tuesday, November 19 • 7:00pm - 11:00pm
Hands-on Ethical Hacking: Preventing and Writing Exploits for Buffer Overflows FILLING

Sign up or log in to save this to your schedule and see who's attending!

Limited Capacity filling up

** YOU MUST RSVP FOR THIS TRAINING BY EMAILING RALPH.DURKEE@OWASP.ORG. CAPACITY IS LIMITED TO 24 ATTENDEES **

A ntense 2.5 hours hands-on course where you will find a buffer overflow vulnerability and then develop an exploit for a stack based buffer overflow. We'll also discuss and test mitigating techniques such as address randomization, stack protections mechanisms, non-executable stacks and of course programming to prevent buffer overflows.

The course will use a virtual Linux system with the required tools running on your own laptop. Students must be comfortable with the Linux command line, and be familiar with basic C/C++ programming. We'll be using the Gnu development tools such as g++. gcc, gdb, and make. Vim, Emacs and Eclipse will all be installed for your editing and exploit writing pleasure. We'll be looking at assembly code in order to develop the final exploit, so some familiarity with assembler languages is helpful, but not required. You must bring your own laptop. The laptop can be MS Windows, Mac or Linux, just make sure you have a recent version of VirtualBox installed and working. Having a DVD reader is helpful for transferring the VM, but a flash drive will also be available.

Laptop Requirements:

  • At least 4Gb RAM

  • 8 Gb of free disk space

  • Virtual Box 4.2.16 or newer installed.

  • Administrator or root privileges for the laptop.

  • Comfortable with Linux Command Line and g++ / gcc.

  • SomeC/C++programming


Speakers
avatar for Ralph Durkee

Ralph Durkee

Principal Security Consultant, Durkee Consulting, Inc.
Ralph Durkee is the principal security consultant and president of Durkee Consulting, Inc since 1996. Ralph founded the OWASP Rochester, NY chapter and has served on the board since 2004. Ralph served on the ISSA chapter board to start the Rochester ISSA chapter as well as starting the annual Rochester Security Summit. He has served as the ISSA chapter president since 2010. He performs a variety of network and application penetration tests... Read More →


Tuesday November 19, 2013 7:00pm - 11:00pm
Brecht (4th Floor) NY Marriott Marquis

Attendees (19)