Windows Overflows

Windows Overflows Course outline:

Two (or five) days of intensive hands on training in how to exploit stack and heap overflows on the Windows Platform. Requires basic programming (in C/C++) knowledge.

Topics that will be covered in this course include:

Day 1: Windows Stack Overflow Basics
  • Diagnosis of basic stack overflows
  • Construction of stack overflows
  • Finding reliable jump-points
  • Using Immunity Debugger for exploit development
  • Analyzing exploitation problems

Day 2: Self-driven Windows Stack Overflows
  • Shellcode Walkthrough and Creation
  • SEH Handling for Fun and Profit

These topics will be taught to the class in an entirely hands on, lab-oriented, fashion.

The instructors for this class include some of the world's best Windows exploitation experts, who will guide you through your studies and provide a path for future development.

The five day version of this class offers more in depth examples, and touches on advanced techniques, such as heap overflows.

This class requires students to have their own laptops with at least 1 Gig of ram running Fedora Core 2 with VMWare installed. Obviously a room with a whiteboard and projector is also required for a successful class.

Good background material includes:
  • Aleph-1's Smashing the Stack for Fun and Proft
  • The Shellcoder's Handbook
  • Greg Hoglund's Exploiting Software
  • The Tao of the Windows Buffer Overflow, by Dildog
  • The papers listed in the resources section of Immunity, Inc's website