Lecture: Applied Binary Exploitation

Course:

  • Responsible: Prof. Dr. Elmar Padilla
  • Start: 2024-04-08
  • Dates: Mon 16:00 - 18:00, weekly, Fraunhofer FKIE, Zanderstraße. Hybrid event
  • Course number: 612103322

Exercises:

  • Responsible: Martin Clauß
  • Start: 2024-04-16
  • Dates: Tue 16:00 - 18:00, weekly, Fraunhofer FKIE, Zanderstraße. Hybrid event
  • Course number: 612203322

Other:

  • Term: Master Computer Science, Master Cyber Security
  • Requirements:
  • Faculty: MA-INF 3322
  • Effort: 2L + 2E / 6CP

Announcements

Please refer to https://abe.seclab-bonn.de/ for up-to-date information about the lecture as well as materials.

In case you need to refresh your binary analysis knowledge, you can check out the ABA script. The parts about Linux are relevant for ABE as well.

Description

Our computers run a lot of closed-source binary programs, meaning that the source code of those programs is not available. Naturally, those programs contain bugs, i.e. mistakes the programmer made during development. Under certain circumstances those bugs can be exploited by attackers and may lead to arbitrary code execution. In this lecture we aim to teach you how to find well-known classes of exploitable bugs and how to exploit them. After a brief recap of basic binary program analysis (static and dynamic analysis), we will talk about vulnerability discovery in general, meaning that you will learn how to find exploitable bugs by yourself. Next we move on to basic stack-based buffer overflows and, as we progress, add mitigation techniques (stack cookies, NX, ASLR, RELRO, ...) and exploit them as well. After we have finished the topic of stack-based buffer overflows we move on to more advanced topics such as heap exploitation, use-after-free exploits and others. The lecture ends with an analysis of a sophisticated real-world exploit.

Between the first and the second exam phase there will be a guest lecture from a renowned expert. Past guest lecturers were:

2023: Robert Xiao: Exploiting a Filesystem Driver in a Kernel CTF Challenge

2021: Claudio Guarnieri (@botherder): A talk about journalists, human rights defenders and dissidents that face increasingly sophisticated digital threats and what to do about it.

2020: Maddie Stone (@maddiestone): Reversing the Root: Identifying the Exploited Vulnerability in 0-days Used In-The-Wild

2019: Gynvael Coldwind (@gynvael): Notes on Computer Hardware and Security

2018: Thomas Dullien (@halvarflake): Fundamentals of Security Exploits

Organizational notes

You may take this course even if you have passed BA-INF 148 Program Analysis and Binary Exploitation (PABE) during your bachelor's.
You cannot take this course if you have already passed MA-INF 3322 Program Analysis and Binary Exploitation (PABE).

Note: This time the lecture will be hybrid. The lectures will be recorded. Exercise meetings will not be recorded.
Online participation for both will be possible via BBB.

The lecture will take place at room Bonn-Beuel in the basement of Fraunhofer FKIE (Zanderstraße 5, 53177 Bonn-Bad Godesberg). Ring the doorbell and ask the front desk for directions.

Dates and Events

Lecture and exercise dates

Nr   Date         Event
0    2024-04-08   lecture
1    2024-04-15   lecture
E0   2024-04-16   exercise
2    2024-04-22   lecture
3    2024-04-29   lecture
E1   2024-04-30   exercise
4    2024-05-06   lecture
5    2024-05-13   lecture
E2   2024-05-14   exercise
-    2024-05-20   no lecture
6    2024-05-27   lecture
7    2024-06-03   lecture
E3   2024-06-04   exercise
8    2024-06-10   lecture
9    2024-06-17   lecture
E4   2024-06-18   exercise
10   2024-06-24   lecture
11   2024-07-01   lecture
E5   2024-07-02   exercise
12   2024-07-08   lecture
13   2024-07-15   invited talk

First exam period: to be announced

Second exam period: to be announced