Error message

User warning: The following module has moved within the file system: ldap_user. In order to fix this, clear caches or put the module back in its original location. For more information, see the documentation page. in _drupal_trigger_error_with_delayed_logging() (line 1181 of /usr/local/stow/drupal-7.89/lib/drupal-7.89/includes/bootstrap.inc).

Recitations and exercises

Note: Please read the general instructions first.

 

Week Submission Date Topic Recitation Exercise Comments
0 16.03.2015 Intro to x86 Assembly  [pptx] [pdf] [pdf] [ex_pack] The exercise PDF has been updated to clarify some issues.
Please follow the revised version when submitting.
1 23.03.2015

Reverse Engineering and

Binary Patching

[pptx] [pdf] [pdf] [ex_pack] https://www.youtube.com/watch?v=GxOdeSG3veA
2 12.04.2015

Python and Stack Overflows

[pptx] [pdf]

[pptx] [pdf]

[pdf] [upd] [ex_pack]

I hope you find these videos useful

Getting Started

Q3-Guideline

More

3+4

15.04.2015

TCP socket programming

Shellcodes - remote & polymorphic

[pptx] [pdf]

[pptx] [pdf]

[pdf] [ex_pack]

GOT

Exercise sheet updated with clearer submission guidelines.

We've updated the policy with regards to the binary versions - please read this forum post.

5 21.04.2015 ROP - Return Oriented Programming [pptx] [pdf] [pdf] [ex_pack] Please note the password for stacko1 from ex02 will not work here. but the off-by-one will
6 27.04.2015

Logical Vulnerabilities and Information Disclosure

[pptx] [pdf] [pdf] [ex_pack]  
7 5.05.2015

Rootkits and Forensics

[pptx] [pdf] [pdf] [ex_pack]  
8 11.05.2015

Communication Protocols

[pptx] [pdf] [pdf] [ex_pack]  
9 18.05.2015 Communication Protocol Attacks continued & Web Primer [pptx] [pdf]

[pdf] [ex_pack]

Since the recitation was a little hard to follow, please read through the recitation slides and related material (the ex_pack has a folder with the demos shown in class as well).
If you have any issues or questions, please contact us or submit further questions before the upcoming review-recitation.

 

For those that asked for a link to the scapy documentation:

http://www.secdev.org/projects/scapy/doc/

10+11 1.6.2015 SQLI & XSS (R10+11) [pptx] [pdf]

[pdf]  [ex_pack_1]

[ex_pack_2]

[Source Insight]

[elgg]

 
12 8.6.2015

 

Fuzzing

 

[pptx] [pdf] [pdf] [ex_pack]  
12   Smartphone Security [pptx] [pdf] [pdf] [ex_pack]  
13   Hacking Operations [pptx] [pdf] [pdf] [ex_pack]  
14     [pptx] [pdf] [ex_pack]  

 

Resources:

Will be added soon. Please talk to the teaching assistants if there is any particular subject you need a good reference to.