[ :: mainpage :: register :: conference :: training :: call for papers (CFP) :: the venue ]
[ :: capture the flag (CTF) :: press/media :: conference agenda :: contact us ]
[ :: forum :: sponsors :: past conferences :: conference kit (PDF) ]

TECH TRAINING 3 - The Exploit Laboratory

Filed under: Main Page — Administrator @ 8:06 pm

April 13, 2006

Title: The Exploit Laboratory
Trainers: Saumil Shah, (Director, Net-Square) & SK Chong (Scan-Associates, Malaysia)
Capacity: 24 pax
Duration: 2 days
Cost: (per pax) RM2800 (early bird) / RM3200 (non early-bird)


This workshop shall introduce how buffer overflow vulnerabilities arise in programs and how they get exploited. The workshop will take you deep inside how programs are loaded and execute within memory, how to spot buffer overflow conditions and how exploits get constructed for these overflow conditions. By exposing the inner mechanisms of such exploits, we will understand how to prevent such vulnerabilities from arising.

The workshop will cover analysis of stack overflows, heap overflows and format string vulnerabilities. Examples of vulnerabilities shall be provided on both the Windows as well as the Unix platform. The class is highly hands-on and very lab intesive. The hands-on lab provides real-life examples of programs containing vulnerabilities, and participants are required to analyse and exploit these vulnerabilities.

Who should attend

Pen-testers, developers, just about anyone who wants to understand how exploits work.

Key learning objectives

Understanding error conditions.
Categories of error conditions - stack overflow, heap overflow, off-
by-one, format string bugs, integer overflows (this class will deal
only with stack, heap and format string)
Unix process memory map
Win32 process memory map
Writing shellcode
Real life exploit construction
Secure coding practices
Kernel level protection mechanisms


Attendees will require:

A working knowledge of operating systems, Win32 and Unix
Ability to compile programs using GCC
Ability to use vi/pico/joe editors
Understanding of C programming would be a bonus

This class requires you to sign a code-of-ethics document, which is to ensure appropriate use of such techniques.

About the trainers:

Saumil Shah

Saumil continues to lead the efforts in e-commerce security research and product development at Net-Square. His focus is on researching vulnerabilities with various e-commerce and web based application systems, system architecture for Net-Square’s tools and products, and developing short term training programmes. Saumil also provides information security consulting services to Net-Square clients, specializing in ethical hacking and security architecture. He holds a designation of Certified Information Systems Security Professional. Saumil has had more than nine years experience with system administration, network architecture, integrating heterogenous platforms, and information security and has perfomed numerous ethical hacking exercises for many significant companies in the IT area. Saumil is a regular speaker and trainer at security conferences such as BlackHat, RSA, etc.

Previously, Saumil was the Director of Indian operations for Foundstone Inc, where he was instrumental in developing their web application security assessment methodology, the web assessment component of FoundScan - Foundstone’s Managed Security Services software and was instrumental in pioneering Foundstone’s Ultimate Web Hacking training class.

Prior to joining Foundstone, Saumil was a senior consultant with Ernst & Young, where he was responsible for the company’s ethical hacking and security architecture solutions. Saumil has also worked at the Indian Institute of Management, Ahmedabad, as a research assistant and is currently a visiting faculty member there.

Saumil graduated from Purdue University with a master’s degree in computer science and a strong research background in operating systems, networking, infomation security, and cryptography. At Purdue, he was a research assistant in the COAST (Computer Operations, Audit and Security Technology) laboratory. He got his undergraduate degree in computer engineering from Gujarat University, India. Saumil is a co-author of “Web Hacking: Attacks and Defense” (Addison Wesley, 2002) and is the author of “The Anti-Virus Book” (Tata McGraw-Hill, 1996)

SK Chong

S.K. (CISSP) is a security consultant from SCAN Associates. His job allows him to play with all kinds of hacking tools in his penentration testing. Most often, he needs to modify and/or enhance these tools before it can be used for legal penetration testing against banks, ISP and goverment agencies. These experiences help him wrote a few security whitepapers on SQL Injection, Buffer Overflow, Shellcode and Windows Kernel stuff, including one of which published in Phrack E-zine #62. His researches was presented in Blackhat (Singapore) 2003, HITBSecConf2003 - Malaysia, RuxC0n2004 (Australia), XCon2004 (China) and many other security conferences.

Event Organizer

Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By

Malaysian Communications and Multimedia Commission (MCMC)

Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors

Foundstone - A division of McAfee Inc.

Microsoft Corporation

Main Sponsors

Cisco Systems

Lucent Technologies - Bell Labs Innovations

Official Airline Partner

Internet Bandwidth Sponsor

AIMS - Malaysia's Telecommunications Hub

Official Hotel

Westin Kuala Lumpur

CTF Sponsor


CTF Prize Sponsor

Scan Associates Berhad.

Our Speakers Are Supported By:

Bellua Asia Pacific

Core Security Technologies

Media Partners:

InfoSec News

(ISN) InfoSec News

Virus Bulletin online magazine is dedicated exclusively to reporting and analysing malicious computer programs and spam. The annual Virus Bulletin conference is cited by many in the industry as the anti-malware event of the year.

Insecure Magazine

Phrack Magazine

Hakin9 Magazine

Supporting Organizations


ISECOM - Insititue for Security and Open Methodologies

IT Underground

Chaos Computer Club (Germany)

X-Focus China

Zone-H Defacement Mirror

Xatrix Security


Special Interest Group in Security & Information InteGrity Singapore