FUTURE.md

Ideas and/or future, next steps?

A few ideas to implement/try in the future:

• Tutorial B: Remote Exploit. Shellcode without Sockets

  • https://0x00sec.org/t/remote-exploit-shellcode-without-sockets/1440

• Tutorial C: Infecting Running Processes

  • https://0x00sec.org/t/linux-infecting-running-processes/1097

• Tutorial A: Remote shell through remote vulnerability (e.g. buffer overflow)

• Tutorial Z: Fuzzing

  • https://fuzzing-project.org/tutorial1.html

• Tutorial Y: Pen Testing

• Tutorial X: Remote buffer overflow exploiting

  • https://www.areanetworking.it/explanation-of-a-remote-buffer-overflow-vulnerability.html
  • https://www.cs.vu.nl/~herbertb/misc/bufferoverflow/

• Tutorial U: Sniffers

  • https://0x00sec.org/t/how-do-those-hackers-tools-work-sniffers-part-i/686
  • https://0x00sec.org/t/how-do-those-hackers-tools-work-sniffers-part-ii/777

• Tutorial D: Docker for forensics

  • https://hub.docker.com/r/nov3mb3r/dfir/~/dockerfile/
  • https://0x00sec.org/t/forensics-docker/6220

• Continue with tutorials at https://github.com/nnamon/linux-exploitation-course

• https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/

• Automatic Exploit Generation (AEG) (https://github.com/ChrisTheCoolHut/Zeratool)

Reversing roadmap

None for now. Some pointers:

• https://twitter.com/daeken/status/1025123319824244738. Listing things below

• Read: Reversing by Eldad Eilam

• Assembly

  • Do: Write some C, compile it,
  • disassemble, hand-decompile to C
  • Do: Have a friend write and compile some C,
  • then disassemble and hand-decompile it and have friend check your work

• Do: Pick a game (some ideas in the CTF section, some hacking oriented games exist). Reverse-engineer its archive format and write an unpacker

• Read: The Dragon Book (Compilers by Aho et al)

• Do: Write a compiler from some high-level language (feel free to make one up) to another (Python) 7)

• Do: Write an assembler

• Do: Write a compiler from some language down to assembly

  • C https://norasandler.com/2017/11/29/Write-a-Compiler.html

• Read: Reverse Compilation Techniques by Cifuentes [...]

• Do: Write a decompiler for CIL and/or Dalvik bytecode

• Do: Write a decompiler for ARM (doesn't have to be ARM, but it's consistent and relatively sane)

• Read: The osdev wiki, until your eyes can't focus anymore [...]

• Do: Write a toy kernel

  • Do: Write it again, with slightly less suck
  • Do: Port your kernel to a different platform

• Do: Pick a well-known platform and write an interpreting emulator

  • Do: Add a recompiler [...]

• Do: Pick a slightly-unknown platform

  • Read: Everything you can find about it
  • Do: Begin writing an emulator
  • Read: All the assembly you can find, for bits that aren't known
  • Go back to 16b, continuing your work [...]