ScheduleΒΆ
The schedule will change as the course progresses, in part based on student interests. If you are particularly interested in some topic not covered here, send mail to the course staff.
| Monday | Tuesday | Wednesday | Thursday | Friday |
| Jan 20 | Jan 21 LEC 1: Intro & Preliminary Rev. Engineering #1 U1.pptx Preparation: Read intel_asm at&t_asm Read gdb1 gdb2 Preparation: Working with SSH Servers, Clients, and Keys Resource: The Missing Semester of Your CS Education Assigned: Unit 1 First day of class |
Jan 22 | Jan 23 LEC 2: Preliminary Reverse Engineering #2 U1-x86-assembly.pptx Preparation: intelCodeTable Preparation: How debugger works (part1) (part2) (part3) Resource: x86 instruction set reference Resource: RC files .vimrc .gdbinit .pythonrc.py .tmux.conf Resource: AT&T vs. Intel Syntax 1 Resource: AT&T vs. Intel Syntax 2 |
Jan 24 |
| Jan 27 | Jan 28 LEC 3: Preliminary Reverse Engineering #3 U1-data-encoding.pptx TUT 1: tutorial level0 TUT 2: tutorial level6 Preparation: UTF8-history.txt Resource: unicode and character sets Resource: unicode and character sets in 2023 Resource: Signed Binary Resource: Mark Watney's ASCII |
Jan 29 | Jan 30 LEC 4: Buffer overflow #1 U2.pptx TUT 3: pwntool tutorial pwntools.md or link Preparation: Read Phrack #49-14 Preparation: Read Where the top of the stack is on x86 Preparation: Read Stack frame layout on x86-64 Preparation: READ Pwntools DUE: Unit 1 Resource: pwntools template ex.py Assigned: Unit 2 |
Jan 31 |
| Feb 3 | Feb 4 LEC 5: Buffer overflow #2 U2-pwntools.pptx TUT 4: gdb gdb commands TUT 5: tutorial #2-0 tut-bof-level0 TUT 6: tutorial #2-2 tut-bof-level2 TUT 7: tutorial #2-5 tut-bof-level5 |
Feb 5 | Feb 6 LEC 6: Frame-pointer attack TUT 8: gdb-intro TUT 9: gdb-coredump TUT 10: pwntools pwntools-tut Preparation: Read Core dump |
Feb 7 |
| Feb 10 | Feb 11 LEC 7: Writing Shellcode #1 U3.pptx TUT 11: shellcode template shellcode-template TUT 12: shellcode 32/64-bit shellcodes with zeros TUT 13: nonzero-shellcode 64-bit Non-zero DUE: Unit 2 Resource: Shellcodes database Resource: Online assembler/disassembler Assigned: Unit3-Part1 |
Feb 12 | Feb 13 LEC 8: Writing Shellcode #2 Resource: Anatomy of a system call Part1 Part2 Resource: Linux System Call Table (x86/IA32) Resource: Linux System Call Table (x86_64/AMD64) |
Feb 14 |
| Feb 17 | Feb 18 LEC 9: Writing Shellcode #3 TUT 14: tutorial nonzero 64-bit TUT 15: tutorial sc-bof-challenges TUT 16: tutorial md online TUT 17: tutorial 64-bit with zeros Preparation: How programs get run Preparation: How programs get run: ELF binaries Preparation: READ About ELF Auxiliary Vectors Preparation: READ Linux x86 Program Start Up Assigned: Unit3-Part2 |
Feb 19 | Feb 20 LEC 10: Writing Shellcode #4 U3P2.pptx DUE: Unit3-Part1 Resource: one byte or short instructions Resource: X86 Opcode and Instruction Reference Resource: AMD64 Opcode and Instruction Reference Resource: READ ASCII ASCII-2 Resource: READ Alpha-numeric Alpha-numeric-2 |
Feb 21 |
| Feb 24 | Feb 25 LEC 11: ASCII and Alpha-numeric shellcode challenges |
Feb 26 | Feb 27 LEC 12: Intro to system defenses; Stack Cookie, DEP, and ASLR Preparation: READ SoftBound Preparation: READ StackGuard Preparation: Virtgual-Address-Translation |
Feb 28 |
| Mar 3 | Mar 4 LEC 13: ASLR and bypasses + Some tips for ASLR, Stack Cookie, and DEP Preparation: READ Address Space Randomization (ASLR) Preparation: READ ASLR Next Generation DUE: Unit3-Part2 Assigned: Unit4 |
Mar 5 | Mar 6 LEC 14: Some tips for ASLR, Stack Cookie, and DEP Preparation: READ PIC in shared libraries |
Mar 7 |
| Mar 10 | Mar 11 LEC 15: Return-oriented Programming 1 |
Mar 12 | Mar 13 LEC 16: Return-oriented Programming 2 / Advanced Return-oriented Programming DUE: Unit 4 Assigned: Unit 5 |
Mar 14 |
| Mar 17 Spring break |
Mar 18 Spring break |
Mar 19 Spring break |
Mar 20 Spring break |
Mar 21 Spring break |
| Mar 24 | Mar 25 LEC 17: Mid-term make up (I) DUE: Unit 5 Assigned: Unit 6 |
Mar 26 | Mar 27 LEC 18: Mid-term make up (II) |
Mar 28 |
| Mar 31 | Apr 1 LEC 19: Arbitrary read/write and Format Strings 1 |
Apr 2 | Apr 3 LEC 20: Arbitrary read/write and Format Strings 2 DUE: Unit 6 Assigned: Unit 7 |
Apr 4 |
| Apr 7 | Apr 8 LEC 21: Defenses Against AR and AW |
Apr 9 | Apr 10 LEC 22: Advanced Topic I |
Apr 11 |
| Apr 14 | Apr 15 LEC 23: Advanced Topic II DUE: Unit 7 Assigned: Unit 8 |
Apr 16 | Apr 17 LEC 24: Advanced Topic III |
Apr 18 |
| Apr 21 | Apr 22 LEC 25: Heap Overflow Intro |
Apr 23 | Apr 24 LEC 26: More on Heap Overflow |
Apr 25 |
| Apr 28 | Apr 29 LEC 27: Past problems review I, advanced System Security Defenses -- ShadowStack, CFI, and other defenses DUE: Unit 8 |
Apr 30 | May 1 LEC 28: Last class, In-class CTF intro Assigned: In-class CTF |
May 2 |
| May 5 | May 6 | May 7 | May 8 | May 9 The last day of class |