Tuesday, 26 August 2014

Exploit Lab announcements - 44CON, Ruxcon/Breakpoint, Blackhat Europe, Blackhat East Coast Trainings

Presenting our training calendar for the remainder of 2014. The Exploit Laboratory trainings have been confirmed at the following events worldwide:

September 9,10: 44CON, London (Advanced)

October 6,7: RUXCON, Melbourne Australia (Intro/Intermediate)

October 14,15: Blackhat Europe, Amsterdam (Advanced)

And last but not least, we have an all new class focusing on bug hunting and fuzzing!

"Black Box Bug Hunting - An Introduction to Vulnerability Discovery and Exploit Development" debuts at the Blackhat East Coast Trainings, Maryland, USA from December 8-11. This is a 4-day class focused more on the art and craft of bug hunting, fuzzing, reverse engineering, crash dump analysis and performing root cause analysis of exploitability.

A detailed announcement shall follow shortly.

Saturday, 9 August 2014

The Advanced Exploit Laboratory returns to 44CON

With the dust settling after Blackhat USA 2014, we are getting ready for another round of advanced exploit development training at 44CON next month.

The Advanced Exploit Laboratory at 44CON shall focus on the latest topics in exploit development - with special attention to Use-After-Free bugs, Information Leaks, Return Oriented Programming and dynamic ROP chains. The Advanced Exploit Laboratory is indeed a fast-paced class, intended for participants who already have basic exploit development experience and want to take their skills to today's cutting edge topics.

If you are joining the Advanced Exploit Laboratory at 44CON and your exploit development skills need a little warm-up, we have just the thing for you! TinySPLOIT is a tiny (30MB) VMware virtual machine running a web server vulnerable to a simple stack overflow. You may download TinySPLOIT from here (mirror link). TinySPLOIT can be up and running in a few minutes. You can also read more about TinySPLOIT in our earlier blog post.

In addition to TinySPLOIT, do also check out our tutorials on How Functions Work, and Introduction to Debuggers.

See you next month in London!

Friday, 25 July 2014

TinySPLOIT - Warm-up exercise on Exploit Development

This year's Exploit Laboratory classes at Blackhat USA 2014 feature completely new content. First, we have retired Windows XP based exploits altogether from our RedTeam class. Our advanced class "The Exploit Laboratory: Black Belt" focuses on ROP, Use-After-Free, Infoleaks and 64-bit exploitation.

The Black Belt class is going to be fast paced, and we mean it! We expect all Black Belt participants to be familiar with the workings of stack overflow exploits, at a minimum.

Enter TinySPLOIT - a compact Linux virtual machine running a vulnerable web server that you can sharpen your stack overflow skills with.

TinySPLOIT is a 30MB VMware image and can be downloaded here (mirror). SHA256 checksum: 6bd956c86846a21e713c9f5efa7cf286386d2b4aa654a3734b9ce9b6497fa59a

You can be up and running with TinySPLOIT in a matter of minutes. Boot up the VM, follow the instructions on its web page, write an exploit and get a shell! For debugging purposes, the root password is "exploitlab" :)

This shall be my 16th year in a row at Blackhat USA. This year, I shall be joined by the Exploit Lab co-developer and my dear friend S.K. who shall teach a number of new topics including 64-bit exploitation, and Eric Liu, teaching a brand new module on information leakage via 1-byte memory overwrites.

Blackhat Training prices go up on the 26th of July, so if you are thinking of registering for the courses, now's the time. See you in Las Vegas in a week!

Thursday, 3 July 2014

The Exploit Lab bids farewell to Win XP

Times are changing. Desktops all around the world bid a fond farewell to Windows XP in April 2014, and The Exploit Laboratory is no exception.

Exploits based on Windows XP shall not feature in the Exploit Laboratory any more.

After all, it doesn't make sense to learn exploit writing on a dwindling platform, does it?

The course content overhaul for Blackhat USA 2014 is complete. All exploits and examples have been revised. What was advanced content a couple of years ago has now been re-worked into our intermediate level Exploit Laboratory: Red Team class. The Exploit Laboratory: Black Belt class shall focus on present day advanced topics such as Use-After-Free exploits, Information Leaks, Compound Exploits and Dynamic ROP chains.

Our Blackhat 2014 classes are filling up fast. For those of you who have already registered, do browse through the following concepts refresher tutorials:
  1. Operating Systems: A Primer
  2. Introduction to Debuggers
  3. How Functions Work

Wednesday, 26 February 2014

Exploit Lab 2014 - CanSecWest, SyScan, Recon, Blackhat USA, 44CON

The Exploit Laboratory classes have been confirmed at the following conferences. This year, we are focusing more on advanced exploit development concepts, especially bypassing exploit mitigation techniques such as DEP and ASLR, Return Oriented Programming, Information Leaks and Dynamic ROP chains, and Use-After-Free bugs.

March 8-11: CanSecWest 2014, Vancouver (Intro, Advanced)

March 31-April 2: SyScan '14, Singapore (3-day Advanced)

June 23-26: Recon 2014, Montreal (Advanced, Über Advanced)

August 2-5: Blackhat USA 2014, Las Vegas (Red Team, Black Belt)

September 9,10: 44CON, London (Advanced)

Don't miss out on early bird registrations!

FREE VMware licenses for Exploit Lab at CanSecWest 2014!

Yes, you read that right. A big shout-out to the friendly folks at VMware for providing FREE licenses of VMware Fusion and VMware Workstation for all Exploit Laboratory students at CanSecWest 2014!

With CanSecWest less than 2 weeks away, there's still time to register for the Introduction to Exploit Development Dojo and the Advanced Exploit Development Dojo.

Those of you who have already registered for CanSecWest's dojos, contact the organizers at secwest14 [at] cansecwest.com to reserve your free VMware licenses.

Tuesday, 11 February 2014

Exploit Lab Announcements for 2014 - CanSecWest and SyScan

2013 witnessed many radical changes, and exploit development is no exception. We have been hard at work these past two months making heavy changes to the classes. Based on the positive feedback we received at the Blackhat West Coast Trainings in December, we have made significant updates to the Exploit Laboratory classes for 2014.

Our 2014 line-up begins with two classes at CanSecWest, happening less than a month from now in Vancouver.

March 8,9: The Exploit Laboratory Introductory Dojo
March 10,11: The Advanced Exploit Lab Dojo

CanSecWest Dojos are unique. Small group and a very flexible environment to innovate and improvise as need be, followed by a high energy, high enthusiasm conference. And this year, we have a special guest instructor, Eric Liu, who shall be showing off some really fancy pure ASLR and DEP bypasses brought about from Use-After-Free bugs.

As with last year, we have a combo offering for those who wish to take both classes for a 4-day 0 to PWN overdose of exploit development experience! As usual, seats at the CanSecWest Dojos are limited, so make sure you register soon!

The next class for March is at the SyScan 2014 conference in Singapore. At SyScan, we shall be offering a special 3 day exploit development class featuring intermediate and advanced exploit development techniques.

March 31-April 2: The Exploit Laboratory SyScan '14 Edition

SyScan 2014 is also featuring an epic line up of world class speakers and talks. Be sure not to miss it!

For those of you who have taken the Exploit Laboratory classes before, stay tuned for more announcements regarding really advanced content - more advanced than "Advanced". Tell your friends, spread the word, and pop by the conference to say hi, or have a POP/POP/RET with us!

-- Saumil Shah