Completed
Omelet Egg Hunter (192 bytes)
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
How to Cook Cisco: Exploit Development for Cisco IOS - George Nosenko - Ekoparty Security Conference - 2017
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Cisco Exploitation Milestones
- 3 Cisco Diversity
- 4 Our Target
- 5 Vulnerability
- 6 Mitigations
- 7 Common Steps to Arbitrary Code Execution
- 8 Cisco IOS Debugging
- 9 Gain Control
- 10 DEP Bypass Techniques
- 11 Return Oriented Programming (PowerPC)
- 12 Multitask Gadget
- 13 Multiload Gadget
- 14 How To Disable DEP
- 15 How does DEP work on PowerPC ?
- 16 PowerPC 405: TLB Entry
- 17 PowerPC 405: Zone Protection Register
- 18 PowerPC 405: DEP Disable Gadget
- 19 PowerPC 405: DEP Disable Chain
- 20 PowerPC e500: TLB Entries
- 21 PowerPC e500: DEP Disable Gadget
- 22 Staged Shellcode
- 23 Shellcode hunting
- 24 10-Memory structure
- 25 Packet Fragmentation
- 26 The caches invalidation
- 27 Omelet Egg Hunter (192 bytes)
- 28 Checking Code Integrity
- 29 Code Integrity Checking Bypass
- 30 Free Space Between Regions
- 31 Writing Shellcode on the C language
- 32 Image-independent shellcodes
- 33 Completion of the shellcode
- 34 Infinite Loop: Watch-Dog Bypass
- 35 ARBITRARY CODE EXECUTION: GEEKPWN CASE
- 36 Demo
