Day 1: Arm (A32 & A64) Architecture Internals, Assembly, and Shellcode Development
Day 2: Static and Dynamic Analysis, and Memory Corruptions
Day 3: Exploit Development for Router Firmware with Advanced ROP Techniques
For researchers aiming to keep up with the latest technology trends, the Arm architecture has become more relevant than ever. Until recently, Arm assembly was mostly found in mobile and IoT devices. Nowadays, more and more laptops and servers are based on the Arm architecture.
Now is the perfect time to level up your skills with the most beautiful assembly language: Arm!
The first day of this course is designed to give you a deep understanding of the Arm architecture and the A32 and A64 instruction sets. Not only will you learn how to read Arm assembly, but you will also develop your own assembly code (shellcode) to deepen your understanding.
During the second day, you will use your newly acquired assembly knowledge to perform static and dynamic analysis of compiled programs, as well as debug memory corruption vulnerabilities.
Based around two real-world router firmware targets, the third day will teach you the process of building and debugging memory-corruption exploits from scratch, and develop advanced mprotect ROP chains to exploit a vulnerability in real router firmware.
Bonus content:
Learning doesn't stop after the training! On top of all the course material including slides, solution slides and scripts, and the lab workbook, attendees will receive the bonus content worth 3 extra training days for free. This includes slides, solution slides, solution exploits, and step-by-step
lab instructions (workbook):
- Format String vulnerabilities
- Bypassing ASLR with information leaks
- Bypassing Stack Canaries with info leaks
- Lab: write exploit to bypass ASLR
- Lab: write exploit to bypass Stack Canaries
- Introduction to heap exploitation
- Heap layout, malloc, free, corrupting vtables
- Categories of heap vulnerabilities
- Concepts and heap exploitation techniques
- Lab: write exploit to bypass ASLR
- Lab: Use-after-free Heap Exploit
- Lab: Trigger the heap overflow
- Lab: Build a relative read exploit primitive
- Lab: Build an arbitrary read exploit primitive
- Lab: Build a complete exploit chain to bypass all on-device mitigations
Additionally, all attendees will receive free access to the upcoming online training courses for the same topics (including bonus content topics).
This course is for you if you...
... enjoy learning new skills and challenge yourself,
... are detail-oriented and not scared of assembly,
... want to expand your skill set to gain a competitive advantage in the workforce,
... don't have experience with Arm assembly but always wanted to learn it,
... have experience with other instruction sets but want add Arm to your portfolio, or
... are a macOS researcher who wants to speak the language of the M1 chip
Do I need Arm assembly knowledge to take this course?
No. Even if this is your first assembly language, you will learn it from scratch during this course. The course will start from the very beginning and work up to more advanced topics.
I already know x86/64 assembly; is this course for me?
Yes. If your focus has primarily been on other architectures, and you want to expand your skill set for the cases where you need to deal with Arm-based binaries, this course is for you.
I'm not a malware analyst / vulnerability researcher / reverse engineer, but I would like to become one. Is this course for me?
Yes. If you want to become a vulnerability researcher or malware analyst, being able to read disassembly to perform low-level analysis is a core skill requirement. Analyzing the disassembly of a vulnerable or suspicious function can help you understand under which conditions it is triggered or the precise data stream required to exploit it without crashing the program.
Learn Arm 32-bit Assembly
Learn the internals of the A32 instruction set.
Learn Arm 64-bit Assembly
Learn the internals of the A64 instruction set.
Reverse Engineer Binaries
Practice your assembly skills with reversing challenges.
Debug Vulnerabilities
Debug and trigger a real router vulnerability.
Write Exploits
Write exploits and hack a real-world router firmware.
Practical labs designed to deepen your understanding of each concept you are learning during the lesson. Every lab comes with instructions and solution slides and/or solution scripts to ensure that you won't get left behind if you take longer during lab time.
Who wants to stare at boring text slides for days? Nobody. Azeria Labs courses are designed to improve the learning experience by addressing different learning styles. Packed with aesthetically pleasing visual explanations of complex technical concepts, the course material helps ensure attendees understand and retain more knowledge and learn faster.
To keep participants engaged and on track, attendees will receive a physical workbook to guide them through each lab. This comprehensive training workbook is designed to take attendees step-by-step through every concept taught in class, reinforcing learning and making sure no step is overlooked.
Lose no time on complicated installations, managing dependencies, or troubleshooting configuration problems on software before class. Attendees get pre-configured and ready-to-use lab environments with all necessary tools, scripts, exploit templates, and emulations, in form of a VM or cloud access.
Tired of simple buffer overflow challenges? Waste no time and get your hands on real targets. Analyze real vulnerabilities in router firmware, debug processes, and by the end of the course you will have written an N-day exploit and bypassed on-device exploit mitigations.