Presentation is loading. Please wait.

Presentation is loading. Please wait.

Project 1 RueiMin Jiang. What U Will Learn 1. shellcoding 2. windows API 3. how to use linux system call 4. some basic socket programming.

Published byKerry Caldwell Modified over 9 years ago

Similar presentations

Presentation on theme: "Project 1 RueiMin Jiang. What U Will Learn 1. shellcoding 2. windows API 3. how to use linux system call 4. some basic socket programming."— Presentation transcript:

1 Project 1 RueiMin Jiang

2 What U Will Learn 1. shellcoding 2. windows API 3. how to use linux system call 4. some basic socket programming

3 Project Goal Describe in this link: – http://in1.csie.ncu.edu.tw/~hsufh/COURSES/FALL 2012/security_project1.html

4 Project Detailed The MBC (Mission Briefing Code) need to be written in shellcode format. Operating System Platform: – Linux – Windows If you can write a program that will help u generate shellcode, what would be a bonus.

5 Some Hints Most Operating System enable ASLR by default. Linux: – System Call – Disable ASLR by yourself. Windows: – LoadLibraryA() – GetProcAddress()

6 Grading Policy Total 120 Points Operating System is Linux : up to 80 – With System Call : up to 80 – With Function Call : up to 80 Operating System is Windows: – With Static Function Address : up to 80 – With Dynamic Function Address : up to 90 Bonus: 30 points – According to your answer to TA’s questions.

7 Reference Material http://www.hick.org/code/skape/papers/win32- shellcode.pdf http://www.hick.org/code/skape/papers/win32- shellcode.pdf http://insecure.org/stf/smashstack.html http://www.vividmachines.com/shellcode/shellcode.ht ml http://www.vividmachines.com/shellcode/shellcode.ht ml http://msdn.microsoft.com/en- us/library/windows/desktop/hh920509%28v=vs.85%29 http://msdn.microsoft.com/en- us/library/windows/desktop/hh920509%28v=vs.85%29 http://msdn.microsoft.com/en- us/library/windows/desktop/ms680547%28v=vs.85%2 9.aspx http://msdn.microsoft.com/en- us/library/windows/desktop/ms680547%28v=vs.85%2 9.aspx http://mike820324.blogspot.tw/search/label/shell%20 code

8 Keyword Shellcode Position Independent Code PEB(Process Entry Block)

Download ppt "Project 1 RueiMin Jiang. What U Will Learn 1. shellcoding 2. windows API 3. how to use linux system call 4. some basic socket programming."

Similar presentations

An Inspector Calls Revision. Feedback Points before quotes (avoid listing) More ref. to Form More Terminology (juxtaposition, protagonist) Cross reference.

An Inspector Calls Revision. Feedback Points before quotes (avoid listing) More ref. to Form More Terminology (juxtaposition, protagonist) Cross reference.
purpose Search : automation methods for device driver development in IP-based embedded systems in order to achieve high reliability, productivity, reusability.

purpose Search : automation methods for device driver development in IP-based embedded systems in order to achieve high reliability, productivity, reusability.
Lecture plan Information retrieval (from week 11)

Lecture plan Information retrieval (from week 11)
Paradyn Project Paradyn / Dyninst Week College Park, Maryland March 26-28, 2012 Paradyn Project Upcoming Features in Dyninst and its Components Bill Williams.

Paradyn Project Paradyn / Dyninst Week College Park, Maryland March 26-28, 2012 Paradyn Project Upcoming Features in Dyninst and its Components Bill Williams.
Introduction to Operating Systems CS-2301 B-term 20081 Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.

Introduction to Operating Systems CS-2301 B-term Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.
Measuring and reporting outcomes for your BTOP grant 1Measuring and Reporting Outcomes.

Measuring and reporting outcomes for your BTOP grant 1Measuring and Reporting Outcomes.
Works Cardholder Tutorial Initial Login, Transaction Review, & Reports.

Works Cardholder Tutorial Initial Login, Transaction Review, & Reports.
1 Memory Management in Representative Operating Systems.

1 Memory Management in Representative Operating Systems.
Design Synopsys System Verilog API Donations to Accellera João Geada.

Design Synopsys System Verilog API Donations to Accellera João Geada.
Getting Started with Oracle Compute Cloud

Getting Started with Oracle Compute Cloud
VAVLPVCTYMAUS PSABLADDERZSB EBSANTESHTICL RLDUDSKTTVSRA EDEARCENEAUOD CRFNORSASINTD TPEUUOCPTDATP UNRTMTRBEEXME MIEUSUULSNSNN USNMEMNISAIIT AESXSVPENNISI.

VAVLPVCTYMAUS PSABLADDERZSB EBSANTESHTICL RLDUDSKTTVSRA EDEARCENEAUOD CRFNORSASINTD TPEUUOCPTDATP UNRTMTRBEEXME MIEUSUULSNSNN USNMEMNISAIIT AESXSVPENNISI.
QPLNHTURBIOTS CADAIASOINCOS OSTPOSTLGVAGT AJRLFKLEROUEA CLARITYSOLSTB HTEAMVSRUVAHI INTERACTPELEL NAPKSOCIALIRI GSOCIOGRAMTST CONFORMITYYTY 14 WORDS ANSWERS.

QPLNHTURBIOTS CADAIASOINCOS OSTPOSTLGVAGT AJRLFKLEROUEA CLARITYSOLSTB HTEAMVSRUVAHI INTERACTPELEL NAPKSOCIALIRI GSOCIOGRAMTST CONFORMITYYTY 14 WORDS ANSWERS.
The NetBeans IDE CSIS 3701: Advanced Object Oriented Programming.

The NetBeans IDE CSIS 3701: Advanced Object Oriented Programming.
Chapter 2 Developing a Web Page. A web page is composed of two distinct sections: –The head content –The body Creating Head Content and Setting Page Properties.

Chapter 2 Developing a Web Page. A web page is composed of two distinct sections: –The head content –The body Creating Head Content and Setting Page Properties.
Improving Program Performance Function Visibility in z/TPF C++ Load Modules October 2, 2015 10/2/20151American Express Public.

Improving Program Performance Function Visibility in z/TPF C++ Load Modules October 2, /2/20151American Express Public.
IP Forwarding.

IP Forwarding.
Channel Partner Conference 2013 Yarra Valley Developer Session ABM Annual Channel Partner Conference 2013.

Channel Partner Conference 2013 Yarra Valley Developer Session ABM Annual Channel Partner Conference 2013.
OFC290 Information Rights Management in Microsoft Office 2003 Lauren Antonoff Group Program Manager.

OFC290 Information Rights Management in Microsoft Office 2003 Lauren Antonoff Group Program Manager.
CNIT 127: Exploit Development Ch 4: Introduction to Format String Bugs.

CNIT 127: Exploit Development Ch 4: Introduction to Format String Bugs.
Topic 2d High-Level languages and Systems Software

Topic 2d High-Level languages and Systems Software

Similar presentations

Ads by Google