Black Hat USA 2009 4-day Training Session

July 25-28

Advanced Windows Exploitation Techniques

Offensive Security

Overview

An in depth, hardcore drilldown into advanced Windows Vulnerability Exploitation techniques from Offensive Security.

The course covers topics such as Egghunters, ASLR and NX bypassing Techniques, Function Pointer Overwrites, Heap Spraying, Venetian Shellcode Encoding and custom shellcode creation.

This course is extremely hands-on and includes a lab environment which is geared to challenge and bring the most out of you. The case studies covered include vulnerabilities discovered by our research team, or exploits written by us.

Lab Description:

The course includes a complex hands-on lab setup, which is the center of the training. Students will be provided with pre-configured VMware machines containing various vulnerabilities which are exploited throughout the course.

Topics Covered:

• Egghunters - Understanding and using Egghunters in limited space environments.
• NX Bypass - Bypassing hardware NX on modern operating systems.
• Function pointer overwrites - Overwriting a function pointer in order to get code execution.
• Heap Spraying - Spraying the heap for reliable code execution.
• Venetian Blinds - Dealing with Unicode encoding.
• Custom shellcode creation - Creating "hand made" shellcode.

Who Should Attend:

This is NOT an entry level course, previous exploitation experience in Windows environments and basic use of a debugger is required. If you write basic Windows exploits, and need a serious boost, you’re in the right place.

Prerequisites:

• Basic exploitation techniques in a Windows environment.
• Modern laptop with at least 1 GB RAM and 40 GB empty disk space.
• A will to suffer.

Trainer: Matteo Memelli

Since Matteo Memelli's first experiences in the security industry, he has been "hacked" by his passion for remote exploitation, vulnerability research and covert channels analysis. Matteo is an avid researcher and developer in the exploit field, his passion for security drove him to create this class.

As the co-creator and lead trainer of Offensive Security's first Exploit Development specialty class, Matteo is bringing exploitation training to a whole new level. This is the first course to ever offer such a variety of in depth and extreme exploitation methods.

Super Early: Ends Mar 15	Early: Ends May 1	Regular: Ends Jul 1	Late: Ends Jul 22	Onsite:
$3500	$3600	$3800	$4000	$4300