The hottest stuff in Malaysia is back!! This is an event that you shouldn`t miss at all. Learn with your heart all about network security from professional network admins to the underground blackat community. Based on my experience in the past HITB, this is a conference that you shouldn't miss especially if your job/works/studies is related to the IT Market.
Unfortunely , the price for the conference may be a little deep for normal Malaysian students, well you can go out and volunteer yourself! (some skills are required) and you can get to know the guys better :)
Well what interest me is the CTF game!!.Capture the Flag
Last year , as a winner of the Uitm I-Hack Competition 2006 me and my team managed to get a free seat for the HiTB CTF. Little does we know it really surprise us! Basically it's all about
reverse engineering / binary hacking / exploit writing
Non of these is related to any web hacking like th Uitm. I knew we are considered as f*** n00bs that always being tapau from that moment. Never less what surprise me is that most of the participants from Malaysia also don`t have a clue on wat's goin on .
Well a year have pass.
This time i think i`m quite confident on howto debug and detect the exploits. But seems like the competiton is getting tougher each year! Will my team managed to at least get some respectable place?
Strategies on winning.
1. Analysis of each services running on the box.
2. Scan for available listening port. (on localhost no need for nmap and blax3)
3. Analysize binary for exploitation
4. Write exploits.
Things to read on.
1. Izis paper on randomize va space attack.
2. Shellcoding operand.
3. Overwriting heap/stack
4. Assemble , Dissasemble and Fun with C :)
Anymore suggestion?
2 comments:
You mentioned "Izis paper on randomize va space attack." is this freely available anywhere?
I'm trying to dig up some information on that at the moment but it seems to be pretty hard to find.
lowlow you can find the papers at milw0rm.
http://www.milw0rm.com/papers/55
Post a Comment