Immunity Windows Overflow

General information Code: IWO Duration: 2 days Present: 8 maximum Price: 1600 € HT Public concerned Expert consultant/in safety Analyst of program Developer Pre-necessary Programming in C/C Means Support of course (English) 100% of practical exercises 1 PC by anybody Connection Internet Windows environment of test CD with tools and exercises CANVAS VisualSploit OllyDbg Objectives To include/understand and exploit the vulnerabilities of the applicatif type under Windows. To implement attacks of the applicatif type via CANVAS and VisualSploit.	Description This course produced by Immunity, Inc (www.immunityinc.com), is an intensive introduction to the exploitation of vulnerabilities of the type stack overflow into the Windows applications This session is mainly directed put into practice through the analysis of the operation of the memory, the search for vulnerabilities and their exploitation. The stress is also laid on the use of CANVAS (professional platform of exploitation of vulnerabilities for the test of penetration) and of VisualSploit (recent graphic tool of creation and generation of exploit). This formation will be used mainly to the consultants in safety and to the analysts wishing to obtain solids bases relating to the exploitation of the vulnerabilities in the services or Windows applications and the development of their impact/carried at the time of technical audits of safety The developers and analysts of code will also learn methodologies there from search and exploitation for faults in the in-house developed applicatifs
	Day 1 Windows stack overflow Basics Diagnosis of BASIC stack overflows Construction of stack overflows Applicable Finding jump-points Using OllyDbg for exploit development Analyzing exploitation problems	Day 2 Coil-driven Windows Stack Overflow Shellcode Walkthrough and Creation SEH Handling for Fun and Profit