Live Training 2011

Advanced Windows Exploitation Updated

Our Advanced Windows Exploitation (AWE) live course in Columbia, Maryland is fast approaching with a start-date of October 24. Not only is the first time we have offered this training outside of BlackHat, it is also the first time we are able to offer a full 5 days of training and a limited number of seats are still available for this intense course.

Along with the new site and extra day of training, we have also updated one of the modules with a very interesting vulnerability discovered by Chris Rohlf and Yan Ivnitskiy of Matasano Security in June 2011. We decided that this particular vulnerability would make an intriguing case study so we developed the integer overflow vulnerability into a working Mozilla Firefox exploit, controlling an invalid Javascript Array object index value being used to access element properties.

[image_frame style=”framed_shadow” width=”512″ height=”366″ align=”center”]https://www.offensive-security.com/images/awe2011_00.png[/image_frame]

The reduceRight method executes a user defined callback function once for each element present in the array. As you can make the array point out of bounds, the attacker can pass a fake sprayed object address to the callback function. At this point code execution can be gained in different ways triggering a method of the fake object.
Code execution on Windows 7 obviously requires some fun playing with pointers and memory to bypass DEP and ASLR protections, both of which this exploit manages to do.

[image_frame style=”framed_shadow” width=”512″ height=”366″ align=”center”]https://www.offensive-security.com/images/awe2011_01.png[/image_frame]

This proves to be our most exciting AWE class so far. If you would like to learn how to take your exploitation skills to the next level, sign-up now while there’s still time and available seats.

Previous Post
Winamp 5.58 Exploit Development
Next Post
MS11-080 Exploit – A Voyage into Ring Zero

Related Posts

Menu
X Close

 

Certified Pentesting
Professional

OSCP
course starting at
$800 USD

Take Penetration Testing with Kali Linux to gain invaluable penetration testing skills and earn your OSCP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCP

Certified Pentesting
Expert

OSCE
course starting at
$1200 USD

Take Cracking the Perimeter to take your penetration testing skills to expert levels and earn your OSCE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCE

 

Certified Pentesting
Web Expert

OSWE
course starting at
$1400 USD

Take Advanced Web Attacks and Exploitation, to deep dive into web apps to earn your OSWE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWE

Certified Pentesting
Wireless Professional

OSWP
course starting at
$450 USD

Take Offensive Security Wireless Attacks to acquire knowledge about Wi-Fi attacks and earn your OSWP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWP

Certified Exploitation
Expert

OSEE
course starting at
See
Live Schedule

Take Advanced Windows Exploitation to develop exploits for Windows systems and earn your OSEE.

  • Live training course
  • Includes certification exam fee
  • Maximum instructor interaction
  • Highly challenging
  • Become an OSEE