ARM Reverse Engineering & Exploitation Primer
Oct 4th and 5th, 2023, Grand Hyatt, Kochi, India
WS-03
These days, due to the relatively large number of prerequisites, the intrinsically subtle nature of memory corruption bugs and decades of evolution in the software security field, it can be quite challenging to get a first foothold in the world of exploitation.
This 2-day hands-on workshop is designed to fill that gap and help attendees kickstart their exploitation journey in the ARM environment, which is found almost everywhere in the IoT world. It starts by familiarising attendees with the ARM ecosystem (the intricacies of the architecture and instruction set) and moves on to reverse engineering ARM binaries to develop a higher-level understanding of software components. On day 2, we demonstrate how exploitation of a vulnerable software component can lead to compromise of the victim machine. After achieving code execution, we dive into crafting custom shellcode that lets us control the victim machine at will.
Course Content (ToC):
Topics marked with (*) are optional and subject to time constraints.
- Day-1 (ARM assembly and Software Reverse Engineering)
  - Understanding ARM Assembly
    - Introduction to ARM Architecture
    - ARM Instruction Set Architecture
      - Data Processing Instructions
      - Data Movement Instructions
      - Control Flow Instructions
    - ARM Function Calling Conventions
      - Procedure Call Standard (AAPCS)
      - Stack Operations
      - System Calling Conventions
      - RTFM
  - Introduction to Software Reverse Engineering – Reconstructing Source Code
    - Static Analysis using Ghidra
    - Dynamic Analysis
    - *RE challenge
- Day-2 (Exploitation and Shellcoding)
  - Exploitation
    - Introduction to Process Memory Model
    - Jumping to a legitimate feature
    - Jumping inside the vulnerable buffer
    - Case study – why does my exploit fail outside GDB?
    - Achieving reliable shellcode execution using the process environment
    - *Brief Introduction to Exploit Protections
      - ASLR
      - XN/NX/DEP
      - Stack canaries
      - RELRO
  - The Dark Art of Writing ARM Shellcode
    - Introduction to Position Independent Code
    - Constraints while crafting poison pills
    - execve shellcode
    - bind shell payload
    - reverse shell payload
    - *Demo – Dancing LEDs using bare-metal shellcode
Prerequisites:
- Familiarity with the Linux command line.
- Being able to read C source code.
Participant Requirements:
- Laptop with approx. 50 GB of free space.
- VirtualBox installed on the host OS (latest version – 7.x).
- 8+ GB RAM minimum (4+ GB for the VM).
- Admin access to the laptop.
Duration:
2 Days (6-8 hours/day)
Who should attend
- Software/Security Engineers.
- Security Researchers
- Penetration Testers
- Anyone having keen interest in reverse engineering, exploit development and shellcoding.
What to expect
By the end of this workshop, attendees should be able to independently kickstart their journey into software security research. Attendees should expect a solid foundation in:
- Reverse engineering software targeted to run on ARM CPUs.
- How software executes at the CPU level.
- Exploitation of stack buffer overflows.
- Writing custom shellcode.
What not to expect:
Becoming a software security expert overnight.
Speakers

Abhinav Thakur
Security Researcher, Payatu Security Consulting Pvt. Ltd., India
Abhinav Thakur is currently working as an IoT Security Researcher at Payatu. With experience working on malicious software and binary analysis, he specialises in reverse engineering and breaking digital devices. He is currently targeting IoT devices ranging from simple bare-metal systems to complex OS-based systems. He spends most of the day understanding system internals and developing payloads to achieve unintended behaviour on his targets.