CS 395: Binary Exploitation in Linux Fall 2021

Created by Nihaal Prasad and Sam Goodwin

Course Description

CS 395: Student Initiated Special Topics are 1-credit courses that cover special and emerging topics of interest to computer science undergraduates. Lectures are guided by student facilitators under faculty advisement.

This class will introduce students to the basic concepts for developing exploits for vulnerable Linux programs. Students will learn how to identify vulnerabilities in software and produce more secure code. The class will include readings, assignments, and a project. Discussion topics include:

• Ethical hacking
• Stack/buffer overflows
• Integer overflows/underflows
• Format string vulnerabilities
• Exploit scripting
• Linux shellcoding
• Exploit mitigation technologies (PIE, ASLR, NX, Stack Canaries)
• Return-oriented Programming (ROP)
• Fuzzing

This is a 10 week course.

Course Outcomes

Upon completion of this course, students should be able to do the following:

• Understand how to reverse engineer programs legally and responsibly
• Identify and exploit common vulnerabilities in C programs
• Write powerful scripts to attack vulnerabilities.
• Write safer C programs and avoid vulnerable functions.