Dailydave mailing list archives
FUTEX is "fun"
From: Dave Aitel <dave () immunityinc com>
Date: Thu, 13 Nov 2014 14:41:18 -0500
The hardest part of learning exploit development on modern systems is finding vulnerabilities that can be done by a beginner, but which teach advanced concepts, without being completely fake. This is one thing I really liked about our older "Unethical Hacking" class. It ramped up so smoothly with exploit difficulty, that each exploit naturally followed the last and at the end you knew how to write Windows exploits without even realizing you did. This is hard to replicate in the modern world, where exploits go from "Super hard because ALSR and DEP are annoying" to "insanely impossibly hard because apparently Loki hates me". When we teach the "Master Class" we assume that you know how to write exploits, and of course, are smart, but we cannot assume you know Linux or the particulars of kernel debugging. We've chosen the Futex exploit as one of the ones for the Linux kernel exploitation portion as a demonstration exploit. It involves a particular control of stack variables, and a set of interesting problems which we think will work well for taking anyone who is good at exploitation into Linux kernel work without being at all fake, or require a sacrifice to an angry demi-god to make work in class. So sign up today, learn from some of the best, and enjoy the fine fruits of your labor afterwards with mojitos and conversations about global survellance (pro or con?) on South Beach. The Master Class always sells out, so I recommend buying now as opposed to in March. http://infiltratecon.org/training.html
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- FUTEX is "fun" Dave Aitel (Nov 13)