[FR] Application Security 101

This workshop will try to explain, from the very beginning, the most common vulnerabilities identified in x86_32 binary applications, i.e. buffer overflow, use-after-free, format string and integer underflow/overflow.

This workshop starts with the basics of what a computer is and how it is structured, with a focus on the CPU and the memory. We will try to explain what happens whenever the user executes an application, and go through an assembly crash course.

Once the background theory (50%) is covered, we will explain each vulnerability with easy hands-on examples. The goal of this workshop is not to demonstrate complex exploitation but rather to give all the necessary information to understand and exploit such vulnerabilities.

What will this course teach you?

- Understanding the structure and purpose of a CPU
- Basics of assembly
- Understanding and exploiting basic buffer overflow
- Understanding and exploiting basic use-after-free vulnerability
- Understanding and exploiting basic format string vulnerability
- Understanding and exploiting basic integer overflow and underflow vulnerabilities

What won’t this course teach you?

- Reverse engineering
- Coding in C or Assembly (although we will briefly cover both)
- Explaining, using and creating fuzzers
- Creating your own shellcode
- Bypassing security measures (ASLR, NX, canary, fortify, etc.)

About Antonin Beaujeant @beaujeant