PISA AGM cum Feature Talk: Road to Defcon (25 Aug 2018) Date: 25 Aug 2018 (Sat)Time: 14:00 -...
Information Security Summit 2018 Date: 4-5 Sep, 2018Time: 8:30am - 6:00pmVenue: Hong Kong...
IoT Security Forum Date : 29 August 2018, WednesdayTime : 2:00 pm - 5:00 pm (Registration start...
Date : Feb 20, 2016
Time : 10am-5pm (one hour lunch time included)
Venue : Room ADC301, HKU SPACE Admiralty Learning Centre
Language : Mandarin
Registration : http://goo.gl/pwomCM (PISA member only)
** Equipment : You should bring your notebook with VM player installed and you should have a full administrative privilege login to perform the exercise in the workshop
Speaker : Orange Tsai, Security Consultant of DEVCORE, member of CHROOT/HITCON, Speaker of HITCON/AVTokyo/WooYun, DEFCON CTF Runner-up, discovered vulnerabilities and reported to Microsoft, Django, Yahoo, Facebook and Google. Orange is specialize in hacking methodology, web security and penetration testing
Topic : Deep dive of Exploit Writing
Exploit Writing Introduction and Prerequisite
- Binary Execution
- ccl (C compiler)
- ld (linker)
- Simple ELF (Executable and Linkable Format) Structure
- Calling Convention
- Call Stack
- Static/Dynamic Analysis & Tools
- Memory Based Attack
Hands on workshop
- How to writing Exploit
- introduction of different kind of Attack
-- Stack Buffer Overflow
-- Format String (optional)
-- Shellcode Writing
-- Stack Canary
-- DynELF leak libc base
Six CPE can be claimed for the (ISC2) Credential Holder.