In the world of security research, web browsers, operating systems, and virtualisation software are considered some of the most impressive targets to find vulnerabilities in. They are also, unfortunately, some of the most complicated to look at: the amount of prerequisite knowledge required to even begin research feels unattainable for many researchers. This course covers the internals of several hard targets, giving students a practical introduction to understanding and debugging some of the most interesting topics in the space of security research, so that they will begin to explore the code themselves and be able to learn from future bugs found in these programs. Furthermore, the information students take away will enable them to research similar implementations they may be interested in by breaking through the initial barrier to entry.
This course is very fast-paced, as it covers a lot of complicated internals from both a theoretical and a practical perspective. The focus is on the inner workings of these types of software as opposed to exploitation, so exploitation primitives will not be explicitly discussed as part of the contents.
Training agenda:
Day 1 — Browsers:
Both Firefox and Chrome will be covered in this training, with focus on the JavaScript engine internals:
– Parsing
– The JavaScript VM
– Object Representation
– Various Optimisations
– Just-in-time Compilation
– Debugging Techniques
– Finding Old Vulnerabilities
Day 2 — Operating Systems/IoT:
The Linux kernel will be the main focus of this day, with emphasis on internals, such as:
– Introduction to Operating Systems and the x86_64 architecture
– Exploring Linux Source Code and building the kernel
– Setting up a kernel debugging environment and kernel debugging
– Exploring the kernel init process
– Virtual and Physical memory, and paging internals
– System Calls and Interrupts
– Process Representation, Context Switching, and scheduling
– Memory protections in user land and kernel land
– Filesystem and Networking Internals
– Introduction to IoT
– Finding and extracting IoT Firmware
– Finding points of interest in the file system
Day 3 — Virtualisation:
Both VirtualBox and QEMU/KVM will be covered in this training, with emphasis on various internals, such as:
– Software virtualisation and Hardware-assisted virtualisation internals (VT-x)
– Emulated Devices
– Port IO/MMIO
– Guest-to-host communication (and guest additions)
– Network Communication
– Paravirtualisation
– Debugging techniques
– If there is time, a bonus introduction to getting started with VMware reversing
Student requirements:
A laptop with an Intel processor (no MacBooks with M1 processors) that can boot an OS from a USB drive.
It should be capable of running VirtualBox (x86_64).
What will be given to students:
Summary sheets with the information from the slides
Cheat Sheets for GDB debugging
A live-boot USB with the challenges and software on them