Sergey Ivanov

Independent security researcher

About speaker

10+ years devoted to exploring space of machine codes, crushing stacks, conquering heaps and juggling ROP gadgets. Now the time has come to give back to the community. In my time away from tracking down vulnerabilities, I participate in CTFs as the core member of LC / BC.
June 17
12:00 — 16:00
Second Track
A course for those who have long though about but have not gotten round to exploiting binary vulnerabilities.

Course objective: Explain the concept of binary errors (overflows) and their operation. Demonstrate, how memory manipulation leads to code execution. Show the main approaches to exploiting. Explain the concept of mitigations and their evolution. After completing the course, students should be able to write an exploit for a vulnerability in a real application.

Required knowledge: the workings of x86 assembler, ability to utilise a disassembler, debugger, as well as an understanding of executable file formats.