This course focuses on teaching the basics of 32-bit assembly language for the Intel Architecture (IA-32) family of processors on the Linux platform and applying it to Infosec. Once we are through with the basics, we will look at writing shellcode, encoders, decoders, crypters and other advanced low level applications.
A non-exhaustive list of topics to be covered include:
- Computer Architecture Basics
- IA-32/64 Family
- Compilers, Assemblers and Linkers
- CPU Modes and Memory Addressing
- Tools of the trade
- Nasm, Ld, Objdump, Ndisasm etc.
- IA-32 Assembly Language
- Registers and Flags
- Program Structure for use with nasm
- Data Types
- Data Movement Instructions
- Arithmetic instructions
- Reading and Writing from memory
- Conditional instructions
- Strings and Loops
- Interrupts, Traps and Exceptions
- Procedures, Prologues and Epilogues
- Syscall structure and ABI for Linux
- Calling standard library functions
- FPU instructions
- MMX, SSE, SSE2 etc. instruction sets
- Shellcoding on Linux
- Execution environment
- Exit and Execve shellcode
- Bind Shell and Reverse TCP
- Staged Shellcode
- Egg Hunter
- Using 3rd party shellcode
- Simulating shellcode
- locating syscalls
- graphing shellcode execution
- Encoders, Decoders and Crypters on Linux
- Purpose of encoding and crypting
- XOR encoders
- Custom encoding
- Random sequencing and scrambling
- mapping functions
- Crypters
- Polymorphism
- Why polymorphism?
- Polymorphic engines
- Techniques and Tools
