ScheduleΒΆ
The schedule will change as the course progresses, in part based on student interests. If you are particularly interested in some topic not covered here, send mail to the course staff.
Monday | Tuesday | Wednesday | Thursday | Friday |
Jan 15 MLK Day |
Jan 16 School closing |
Jan 17 | Jan 18 LEC 1: Intro & Preliminary Rev. Engineering #1 U1.pptx Preparation: Read intel_asm at&t_asm Read gdb1 gdb2 Resource: How debgger works (part1) (part2) (part3) Resource: The Missing Semester of Your CS Education Resource: CMU CS 213 First day of class |
Jan 19 |
Jan 22 | Jan 23 LEC 2: Preliminary Reverse Engineering #2 TUT 1: tutorial #1-1 TXT TUT 2: tutorial #2 TXT Preparation: intelCodeTable Resource: x86 instruction set reference Assigned: Unit 1 |
Jan 24 | Jan 25 LEC 3: Preliminary Reverse Engineering #3 TUT 3: tutorial level5 Preparation: UTF8-history.txt Resource: unicode and character sets Resource: unicode and character sets in 2023 Resource: Signed Binary Resource: Mark Watney's ASCII |
Jan 26 |
Jan 29 | Jan 30 LEC 4: Buffer overflow #1 U2.pptx TUT 4: gdb gdb commands TUT 5: pwntool tutorial pwntools.md or link Preparation: Read Phrack #49-14 Preparation: Read Where the top of the stack is on x86 Preparation: Read Stack frame layout on x86-64 Preparation: READ Pwntools |
Jan 31 | Feb 1 LEC 5: Buffer overflow #2 TUT 6: tutorial #2-0 tut-bof-level0 TUT 7: tutorial #2-2 tut-bof-level2 DUE: Unit 1 Assigned: Unit 2 Resource: pwntools template ex.py Resource: RC files .vimrc .gdbinit .pythonrc.py .tmux.conf |
Feb 2 |
Feb 5 | Feb 6 LEC 6: Frame-pointer attack TUT 8: tutorial #2-5 tut-bof-level5 TUT 9: tutorial #2-5 gdb-coredump Preparation: Read Core dump |
Feb 7 | Feb 8 LEC 7: Writing Shellcode #1 U3.pptx U3.pdf Resource: X86 Opcode and Instruction Reference Resource: AMD64 Opcode and Instruction Reference Resource: Shellcodes database Resource: Online assembler/disassembler |
Feb 9 |
Feb 12 | Feb 13 LEC 8: Writing Shellcode #2 DUE: Unit 2 Resource: AT&T vs. Intel Syntax 1 Resource: AT&T vs. Intel Syntax 2 Resource: Anatomy of a system call Part1 Part2 Resource: Linux System Call Table Assigned: Unit3-Part1 |
Feb 14 | Feb 15 LEC 9: Writing Shellcode #3 TUT 10: tutorial md online TUT 11: tutorial 64-bit with zeros Preparation: How programs get run Preparation: READ About ELF Auxiliary Vectors Preparation: READ Linux x86 Program Start Up Resource: one byte or short instructions |
Feb 16 |
Feb 19 | Feb 20 LEC 10: Writing Shellcode #4 TUT 12: tutorial nonzero 64-bit TUT 13: tutorial sc-bof-challenges Preparation: READ Alpha-numeric Alpha-numeric-2 Resource: READ ASCII ASCII-2 Assigned: Unit3-Part2 |
Feb 21 | Feb 22 LEC 11: Intro to system defenses; Stack Cookie, DEP, and ASLR U3P2.pptx U3P2.pdf Preparation: READ SoftBound Preparation: READ StackGuard Preparation: Virtgual-Address-Translation DUE: Unit3-Part1 |
Feb 23 |
Feb 26 | Feb 27 LEC 12: ASLR and bypasses + Some tips for ASLR, Stack Cookie, and DEP Preparation: READ Address Space Randomization (ASLR) Preparation: READ ASLR Next Generation |
Feb 28 | Feb 29 LEC 13: Some tips for ASLR, Stack Cookie, and DEP U4.pptx U4.pdf TUT 14: cookie-1 TUT 15: DEP-2 TUT 16: aslr-2 TUT 17: aslr-3 TUT 18: cookie-3 Preparation: READ PIC in shared libraries DUE: Unit3-Part2 Assigned: Unit4 |
Mar 1 |
Mar 4 | Mar 5 LEC 14: Delayed |
Mar 6 | Mar 7 LEC 15: Delayed |
Mar 8 |
Mar 11 Spring break |
Mar 12 Spring break |
Mar 13 Spring break |
Mar 14 Spring break |
Mar 15 Spring break |
Mar 18 | Mar 19 LEC 16: Delayed |
Mar 20 | Mar 21 LEC 17: Return-oriented Programming 1 U5.pptx U5.pdf TUT 19: tutorial tut-rop64 TUT 20: tutorials ROP-1-32 ROP-1-64 Preparation: Read ROP DUE: Unit 4 Assigned: Unit 5 |
Mar 22 |
Mar 25 | Mar 26 LEC 18: Return-oriented Programming 2 / Advanced Return-oriented Programming Preparation: READ ROP Preparation: Read How does the Linux kernel run a program |
Mar 27 | Mar 28 LEC 19: Advanced Return-oriented Programming TUT 21: tutorial rop-5-32 Preparation: READ How programs get run: ELF binaries Preparation: READ Linux x86 Program Start Up Preparation: Read got/plt and PIC |
Mar 29 |
Apr 1 | Apr 2 LEC 20: Arbitrary read/write and Format Strings 1 U6.pptx U6.pdf TUT 22: tutorial SR-1-PY TUT 23: tutorial AR-1-PY DUE: Unit 5 Assigned: Unit 6 |
Apr 3 | Apr 4 LEC 21: Arbitrary read/write and Format Strings 2 |
Apr 5 |
Apr 8 | Apr 9 LEC 22: Defenses Against AR and AW U6L2.pptx U6L2.pdf TUT 24: tutorial FS-AW-64-PY TUT 25: tutorial FS-CODE-32-PY |
Apr 10 | Apr 11 LEC 23: Python Interpter Internals DUE: Unit 6 Assigned: Unit 7 |
Apr 12 |
Apr 15 | Apr 16 LEC 24: Python Bytecode reversing |
Apr 17 | Apr 18 LEC 25: Windows Exploitation Intro and Binary Analysis |
Apr 19 |
Apr 22 | Apr 23 LEC 26: Heap Overflow Intro U7.pptx U7.pdf DUE: Unit 7 Assigned: Unit 8 |
Apr 24 | Apr 25 LEC 27: More on Heap Overflow U7L2.pptx U7L2.pdf |
Apr 26 |
Apr 29 | Apr 30 LEC 28: Past problems review I, advanced System Security Defenses -- ShadowStack, CFI, and other defenses U8.pptx U8.pdf Resource: CET by Intel |
May 1 | May 2 LEC 29: Last class, In-class CTF intro 1-babyheap-tut.py 2-heapovfl-tut.py DUE: Unit 8 Assigned: In-class CTF: May 3 6:00 PM ~ May 5 5:59 PM (48 hours) |
May 3 |