❌

Normal view

There are new articles available, click to refresh the page.
Before yesterdayExodus Intelligence

Public Mobile Exploitation Training – Fall 2023

4 August 2023 at 16:08

Mobile Exploitation Training

We are pleased to announce that the researchers of Exodus Intelligence will be providing publicly available trainingΒ in personΒ onΒ November 14 2023 in London, England.

This 4 day course is designed to provide students with both an overview of the Android attack surface and an in-depth understanding of advanced vulnerability and exploitation topics. Attendees will be immersed in hands-on exercises that impart valuable skills including static and dynamic reverse engineering, zero-day vulnerability discovery, binary instrumentation, and advanced exploitation of widely deployed mobile platforms.

Taught by Senior members of the Exodus Intelligence Mobile Research Team, this course provides students with direct access to our renowned professionals in a setting conducive to individual interactions.

Emphasis

Hands on with privilege escalation techniques within the Android Kernel, mitigations and execution migration issues with a focus on MediaTek chipsets.

Prerequisites

  • Computer with the ability to run a VirtualBox image (x64,Β recommended 1GB+ memory)
  • Some familiarity with: IDA Pro, Python, C/C++.
  • ARM ASM fluency strongly recommended.
  • Installed and usable copy of IDA Pro 6.1+, VirtualBox, Python 2.7+.

Course Information

Attendance will be limited to 18 students per course.

Cost: $5000 USD per attendee

Dates: November 14-17, 2023

Location: the London, UK area

Syllabus

Android Kernel

Β 

  • Process Management
    • General overview
    • Important structures
  • Kernel synchronization
  • Memory Management
    • General overview
    • Virtual memory
    • Memory allocators
  • Debugging environment
    • Build the kernel
    • Boot and Root the kernel
    • Kernel debugging
    • demo
  • SELinux
  • Samsung Knox/RKP
  • Type of kernel vulnerabilities
    • Exploitation primitives
    • kernel vulnerabilities overview
    • heap overflows, UAF
    • Info leakage
  • [CVE-various] Mali GPU bug
    • Mali GPU
    • Vulnerability overview
    • Exploitation
  • [CVE-2020-0466] double-free vulnerability
    • Vulnerability overview
    • Exploitation
      • type confusion to write access to globally shared memory
      • UAF which can lead to arbitrary read and write of kernel memory
    • [CVE-2021-22600] double-free vulnerability
      • Vulnerability overview
      • Exploitation – convert the double free into a use-after-free of a struct page

Β 

Mediatek / Exynos baseband

  • Introduction
    • exynos baseband overview
    • mediatek baseband overview
  • Environment
  • Previous researches
  • Analyze modem
  • Emulation / Fuzzing
  • Rogue base station
  • secure boot
  • mediatek boot rom vulnerability
    • Vulnerability overview
    • Exploitation
  • baseband debugger
    • use brom exploit to patch the tee
    • write the modem physical memory from EL1

Β 

The post Public Mobile Exploitation Training – Fall 2023 appeared first on Exodus Intelligence.

Public Browser Exploitation Training – Fall 2023

4 August 2023 at 16:05

Browser Exploitation Training

We are pleased to announce that the researchers of Exodus Intelligence will be providing publicly available trainingΒ in personΒ onΒ November 14 2023 in London, England.

This 4 day course is designed to provide students with both an overview of the current state of the browser attack surface and an in-depth understanding of advanced vulnerability and exploitation topics. Attendees will be immersed in hands-on exercises that impart valuable skills including static and dynamic reverse engineering, zero-day vulnerability discovery, and advanced exploitation of widely deployed browsers such as Google Chrome and Apple Safari.

Taught by Senior members of the Exodus Intelligence Browser Research Team, this course provides students with direct access to our renowned professionals in a setting conducive to individual interactions.

Emphasis

Hands on with privilege escalation techniques within the JavaScript implementations, JIT optimizers and rendering components.

Prerequisites

  • Computer with the ability to run aΒ VirtualBox image (x64,Β recommended 1GB+ memory)
  • Some familiarity with: IDA Pro, Python, C/C++.
  • ASM fluency.
  • Installed and usable copy of IDA Pro 6.1+, VirtualBox, Python 2.7+.

Course Information

Attendance will be limited to 18 students per course.

Cost: $5000 USD per attendee

Dates:Β  November 14-17, 2023

Location:Β  the London, UK area

Syllabus

  • JavaScript Crash Course
  • Browsers Overview
    • Architecture
    • Renderer
    • Sandbox
  • Deep Dive into JavaScript Engines and JIT Compilation
    • Detailed understanding of JavaScript engines and JIT compilation
    • Differences between major JavaScript engines (V8, SpiderMonkey, JavaScriptCore)
  • Introduction to Browser Exploitation
    • Technical aspects and techniques of browser exploitation
    • Focus on JavaScript engine and JIT vulnerabilities
  • Chrome ArrayShift case study
  • Safari NaN Speculation case study
  • JIT Compilers in depth
    • Chrome/V8 Turbofan
    • Firefox/SpiderMonkey Ion
    • Safari/JavaScriptCore DFG/FTL
  • Chrome ArrayShift case study exploitation
    • Object in-memory layout
  • Types of Arrays
  • Chrome ArrayShift case study exploitation continued
    • Garbage collection
  • Running shellcode
    • Common avenues
    • Mitigations
  • Browser Fuzzing and Bug Hunting
    • Introduction to fuzzing
    • Pros and cons of fuzzing
    • Fuzzing techniques for browsers
    • β€œSmarter” fuzzing
  • Current landscape
  • Hands-on exercises throughout the course
    • Understanding the environment and getting up to speed
    • Analysis and exploitation of a vulnerability

The post Public Browser Exploitation Training – Fall 2023 appeared first on Exodus Intelligence.

Vulnerability Assessment Course – Spring 2023

17 February 2023 at 14:27

We are pleased to announce that the researchers of Exodus Intelligence will be providing publicly available trainingΒ in personΒ onΒ March 28 2023 in Austin, TX.

The intermediate course, titled theΒ Vulnerability AssessmentΒ Class, covers a wide range of vulnerability and exploitation related topics and is intended for the beginner to intermediate level practitioner. This course is intended to prepare the student to fully defend the modern enterprise by being aware and equipped to assess the impact of vulnerabilities across the breadth of the application space.

Attendees should plan to travel and arrive prior to Tuesday, March 28th. The course work will conclude on Friday, March 31st, 2023.

Seating is limited.Β Since this training will be in person, there are a limited number of seats available.

**Later this year we will also be offering an updated version of our popularΒ Vulnerability Development Master Class. This course will cover advanced topics such as dynamic reverse engineering, kernel exploitation concepts, browser exploitation, mitigation bypasses, and other topics. Later this year we will also be offering ourΒ Mobile Vulnerability Exploitation Class. This class will cover advanced topics concerning mobile platforms.

Vulnerability Assessment Class

This 4 day course is designed to provide students with a comprehensive and progressive approach to understanding vulnerability and exploitation topics on both the Linux and Windows platforms. Attendees will be immersed in hands-on exercises that impart valuable skills including a deep dive into the various types of vulnerabilities exploited today, static and dynamic reverse engineering, vulnerability discovery, and exploitation of widely deployed server and client-side applications. This class will cover a lot of material and move very quickly.

Prerequisites

      • Computer with ability to run a virtual machines (recommended 16GB+ memory)

      • Some familiarity with debuggers, Python, C/C++, x86 ASM. IDA Pro or Ghidra experience a plus.

    • No prior vulnerability discovery experience is necessary

    Pricing and Registration

    The cost for the 4-day course is $4000 USD per student. You may register and pay below, or you can e-mail [email protected] to register and we will supply a purchase order.

    Β 

    Syllabus

    Vulnerability and risk assessment

    • NDay risk and patching timelines
    • Vulnerability terminology: CVE, CVSS, CWE, Mitre Attack, Impact, Category
    • Risk assessment
    • Vulnerability mitigation

    Web-based vulnerabilities

    • Basics of HTTP
      • Format of HTTP request and response, URI
      • Command Injection and Directory Traversal attacks
      • Cross-site scripting and cross-site request forgery
    • XML External Entity attacks
    • Request Smuggling
    • SQL Injection
    • Deserialization

    Modules include examples of affected CVEs and practicals.

    Binary exploitation

    • Basics of binaries
      • Platformns: Linux and Windows
      • x86 assembly, PE, and ELF formats
      • Stack, Heap, Dynamic modules
      • PIE, ASLR, DEP
    • Tools
      • Ghidra, WinDBG, and gdb
    • Stack buffer overflow
      • OS/Theme: Linux
      • Return to shellcode, Return to libc, Stack pivot, etc.
      • Linux-based practical and demo
    • Use after free
      • OS/Theme: Windows
      • Overview of NT Heap, LFH
      • Practical and demo

    The post Vulnerability Assessment Course – Spring 2023 appeared first on Exodus Intelligence.

    ❌
    ❌