This course aims to teach a new approach to reverse engineering that focuses on undoing the work of the linker to produce relocatable files. Using the techniques taught in the course, learners will be able to achieve universal code 'reuse' by relinking relocatable objects as shared libraries, which leads to binary reflection, scripting capabilities, in-memory debugging, and automated API prototyping. The course also covers abusing dynamic linker internals for tasks such as calling functions within a binary without crafting valid inputs. The intended audience includes individuals interested in vulnerability exploitation, functional testing, static analysis validation, and computer wizardry. The teaching method involves practical demonstrations of new exploits in real-life applications and the use of the Witchcraft Compiler Collection, which will be released as open-source software under MIT/BSD-2 licenses.
Witchcraft Compiler Collection - Towards Programs Self Awareness
Security BSides San Francisco via YouTube
Overview
Syllabus
BSidesSF 2017 - Witchcraft Compiler Collection : Towards programs self awareness (endrazine)
Taught by
Security BSides San Francisco