ScheduleΒΆ
The schedule will change as the course progresses, in part based on student interests. If you are particularly interested in some topic not covered here, send mail to the course staff.
| Monday | Tuesday | Wednesday | Thursday | Friday |
| Jan 20 | Jan 21 LEC 1: Intro & Preliminary Rev. Engineering #1 U1.pptx Preparation: Read intel_asm at&t_asm Read gdb1 gdb2 Preparation: Working with SSH Servers, Clients, and Keys Resource: The Missing Semester of Your CS Education Assigned: Unit 1 First day of class |
Jan 22 | Jan 23 LEC 2: Preliminary Reverse Engineering #2 U1-x86-assembly.pptx Preparation: intelCodeTable Preparation: How debugger works (part1) (part2) (part3) Resource: x86 instruction set reference Resource: RC files .vimrc .gdbinit .pythonrc.py .tmux.conf Resource: AT&T vs. Intel Syntax 1 Resource: AT&T vs. Intel Syntax 2 |
Jan 24 |
| Jan 27 | Jan 28 LEC 3: Preliminary Reverse Engineering #3 U1-data-encoding.pptx TUT 1: tutorial level0 TUT 2: tutorial level6 Preparation: UTF8-history.txt Resource: unicode and character sets Resource: unicode and character sets in 2023 Resource: Signed Binary Resource: Mark Watney's ASCII |
Jan 29 | Jan 30 LEC 4: Buffer overflow #1 U2.pptx TUT 3: pwntool tutorial pwntools.md or link Preparation: Read Phrack #49-14 Preparation: Read Where the top of the stack is on x86 Preparation: Read Stack frame layout on x86-64 Preparation: READ Pwntools DUE: Unit 1 Resource: pwntools template ex.py Assigned: Unit 2 |
Jan 31 |
| Feb 3 | Feb 4 LEC 5: Buffer overflow #2 U2-pwntools.pptx TUT 4: gdb gdb commands TUT 5: tutorial #2-0 tut-bof-level0 TUT 6: tutorial #2-2 tut-bof-level2 TUT 7: tutorial #2-5 tut-bof-level5 |
Feb 5 | Feb 6 LEC 6: Frame-pointer attack TUT 8: gdb-intro TUT 9: gdb-coredump TUT 10: pwntools pwntools-tut Preparation: Read Core dump |
Feb 7 |
| Feb 10 | Feb 11 LEC 7: Writing Shellcode #1 U3.pptx TUT 11: shellcode template shellcode-template TUT 12: shellcode 32/64-bit shellcodes with zeros TUT 13: nonzero-shellcode 64-bit Non-zero DUE: Unit 2 Resource: Shellcodes database Resource: Online assembler/disassembler Assigned: Unit3-Part1 |
Feb 12 | Feb 13 LEC 8: Writing Shellcode #2 Resource: Anatomy of a system call Part1 Part2 Resource: Linux System Call Table (x86/IA32) Resource: Linux System Call Table (x86_64/AMD64) |
Feb 14 |
| Feb 17 | Feb 18 LEC 9: Writing Shellcode #3 TUT 14: tutorial nonzero 64-bit TUT 15: tutorial sc-bof-challenges TUT 16: tutorial md online TUT 17: tutorial 64-bit with zeros Preparation: How programs get run Preparation: How programs get run: ELF binaries Preparation: READ About ELF Auxiliary Vectors Preparation: READ Linux x86 Program Start Up Assigned: Unit3-Part2 |
Feb 19 | Feb 20 LEC 10: Writing Shellcode #4 U3P2.pptx DUE: Unit3-Part1 Resource: one byte or short instructions Resource: X86 Opcode and Instruction Reference Resource: AMD64 Opcode and Instruction Reference Resource: READ ASCII ASCII-2 Resource: READ Alpha-numeric Alpha-numeric-2 |
Feb 21 |
| Feb 24 | Feb 25 LEC 11: ASCII and Alpha-numeric shellcode challenges |
Feb 26 | Feb 27 LEC 12: Intro to system defenses; Stack Cookie, DEP, and ASLR U4.pptx Preparation: READ SoftBound Preparation: READ StackGuard Preparation: Virtgual-Address-Translation |
Feb 28 |
| Mar 3 | Mar 4 LEC 13: ASLR and bypasses + Some tips for ASLR, Stack Cookie, and DEP Preparation: READ Address Space Randomization (ASLR) Preparation: READ Just-in-Time Code Resuse DUE: Unit3-Part2 Assigned: Unit4 |
Mar 5 | Mar 6 LEC 14: Some tips for ASLR, Stack Cookie, and DEP |
Mar 7 |
| Mar 10 | Mar 11 LEC 15: Some tips for ASLR, Stack Cookie, and DEP TUT 18: cookie-1 TUT 19: DEP-2 TUT 20: aslr-2 TUT 21: aslr-3 TUT 22: tutorials execve Preparation: READ PIC in shared libraries |
Mar 12 | Mar 13 LEC 16: Return-oriented Programming 1 U5.pptx Preparation: Read ROP DUE: Unit 4 (extended to Mar 18 Midnight) Assigned: Unit 5 |
Mar 14 |
| Mar 17 Spring break |
Mar 18 Spring break |
Mar 19 Spring break |
Mar 20 Spring break |
Mar 21 Spring break |
| Mar 24 | Mar 25 LEC 17: Return-oriented Programming 2 / Advanced Return-oriented Programming Preparation: READ ROP Preparation: Read How does the Linux kernel run a program |
Mar 26 | Mar 27 LEC 18: (Advanced Topic) Python Runtime Internals pyc-decompilation.pptx Assigned: PYC Decompilation |
Mar 28 |
| Mar 31 | Apr 1 LEC 19: PYC Decompilation I DUE: Unit 5 |
Apr 2 | Apr 3 LEC 20: PYC Decompilation II |
Apr 4 |
| Apr 7 | Apr 8 LEC 21: PYC Decompilation III |
Apr 9 | Apr 10 LEC 22: Arbitrary read/write and Format Strings 1 U6.pptx DUE: PYC Decompilation Assigned: Unit 6 |
Apr 11 |
| Apr 14 | Apr 15 LEC 23: Arbitrary read/write and Format Strings 2 TUT 23: tutorial SR-1-PY TUT 24: tutorial AR-1-PY TUT 25: tutorial AW-1-PY |
Apr 16 | Apr 17 LEC 24: Defenses Against AR and AW TUT 26: tutorial FS-AW-64-PY TUT 27: tutorial exploit-b-fs-write.py TUT 28: tutorial exploit-c-fs-code.py TUT 29: tutorial code-32-PY |
Apr 18 |
| Apr 21 | Apr 22 LEC 25: Heap Overflow Intro U8.pptx DUE: Unit 6 Assigned: Unit 8 |
Apr 23 | Apr 24 LEC 26: More on Heap Overflow U8L2.pptx |
Apr 25 |
| Apr 28 | Apr 29 LEC 27: Past problems review I, advanced System Security Defenses -- ShadowStack, CFI, and other defenses |
Apr 30 | May 1 LEC 28: Last class, In-class CTF intro Assigned: In-class CTF |
May 2 |
| May 5 | May 6 LEC 29: No class DUE: Unit 8 |
May 7 | May 8 | May 9 The last day of class |