The maintainers of http://www.dontstuffbeansupyournose.com (Stephen C. Lawler and Stephen A. Ridley) have developed a course entitled “Practical ARM Exploitation”. The purpose of the course is to introduce students with prior basic exploitation experience (on other architectures) to “real world” exploitation scenarios on the ARM processor architecture. Exploitation these days is harder and a bit more nuanced than it was in the past, with the advent of protection mechanisms like XN, ASLR, stack cookies, etc. The course is called “practical” because it aims to teach exploitation on ARM under real-world circumstances, in which the exploit developer will encounter (and have to circumvent) these protection mechanisms. The course materials focus on advanced exploitation topics (circumventing protection mechanisms), using Linux as the platform on which to learn the ARM architecture, with the obvious applications being platforms running on mobile phones, tablets, embedded devices, etc.
Our hope is that students with some previous exploitation experience go from knowing nothing about ARM on the first day to exploiting a custom heap implementation (bypassing ASLR, NX) using their hand-built ROP connect-back-shell payload on the last day.
The course contains the following:
Students taking the “Practical ARM Exploitation” course should have an intermediate software exploitation background on another architecture (such as x86).
They should have hands-on familiarity with the following concepts:
Stephen Lawler and Stephen A. Ridley were research partners at a major U.S. defense contractor that supported the U.S. defense and intelligence communities in areas of information security research and development. Since then they have worked for different companies but stay in contact to collaborate with each other “after hours” on interesting areas of research. Together they maintain the blog http://www.dontstuffbeansupyournose.com.