Exploiting Real Time Operating Systems, Tactical Network Solutions, Monday, 24. February 2020

CPE/ECE Credits: 40
Course Description This course will teach students how to analyze, reverse, debug, and exploit embedded RTOS firmware. Hands-on experience with a variety of real-world devices, RTOS’s, and architectures equip students with the practical knowledge and skills necessary to be proficient in RTOS vulnerability analysis and exploitation.
Prerequisites Due to the nature of the material, we do expect students to already have experience with:

basic overflows and ROP
be comfortable in IDA’s user interface
some prior knowledge of MIPS and ARM (a plus, but not required)

This course is a natural progression for students already familiar with embedded Linux/firmware exploitation. If you attended IoT Firmware Exploitation, then you meet the criteria!
Course Length 5 days
Day 1 Basic introduction to the concept of Real Time Operating Systems Overview of MIPS architecture and design Firmware analysis of our first target device Debugging our first target device Augmenting IDA’s auto analysis Searching for backdoors
Day 2 Searching for stack overflows Exploiting RTOS overflows How not to crash your target Practical exploitation of LAN services from the *****
Day 3 Hardware & firmware analysis Identifying functions without a symbol table Debugging without a debugger Searching for stack overflows Writing stack overflows with limited debugging Write stack overflow exploits for our second target device
Day 4 Parsing bugs Dynamic call path identification Complex ROP chains Re-programming RTOS kernel code on-the-fly Low-hanging crypto Breaking custom crypto Finding WPS crypto bugs Practical exploitation of WPS crypto bugs
Day 5 More firmware analysis Augmenting IDA’s auto analysis V-Chip backdoors Hidden manufacturer menus
Private, on-site training is available. Call +1 (443) 276–6990 or email us at sales@tacnetsol.com.

Exploiting Real Time Operating Systems

Find more events around you
Get event recommendations based on your Facebook taste. Get it now!Show me the suitable events for meNot now