Good morning everyone. There will be a Malware Analysis workshop on Wednesday and an ISSessions meeting on Friday. Workshop details are below. Meeting details for Friday are still in progress. Another post will be provided for the ISSessions time and agenda.
Location: Room S302
Time: Wednesday, November 13, 2019 – 7:00-9:30PM
On Wednesday in S302, we will have the first of a series of workshops on Malware Analysis and Reverse Engineering. The workshops are designed to follow selected elements of RPISEC’s Malware Analysis course (https://github.com/RPISEC/Malware). Jason Hong and Ken Onuralp will give out take-home exercises and do reviews.
The first workshop will be an introductory session into the world of malware analysis and reverse engineering. The coordinators will talk about their experiences in MA/RE, walk you through a couple of FLARE CTF challenges, the mindset required, and then dive into a gentle introduction by teaching basic static and dynamic analysis. A Windows image will be provided (see below).
– C (or another higher-level programming language)
– Some assembly required (if you do not know assembly, do not worry, we’ll be going over some basic disassembly)
– Linux (basic command-line knowledge, how to install software on your distro)
– VirtualBox (will NOT work on VMWare)
Please download the following pre-setup VM at https://drive.google.com/open?id=1BwDWB3WkB3Qj7B5SEq-9P_RN2IjO3gBG
During some of the workshops, you will be working with live malware. Please act responsibly. Make sure you are taking precautions when running your virtual machines (we will go through setup instructions when we do dynamic analysis). We are not responsible for the things you decide to do on your own time. Do not be evil. Do not be stupid.
To reiterate, our workshop is on Wednesday and we have an ISS meeting this Friday.
As we return to Standard Time in Canada, our next workshop is slowly approaching on Friday, November 8th.
Smashing the Web is our next workshop, led by Spencer Lee on Friday, November 8. This workshop will cover SQL injection (SQLi) and cross-site scripting (XSS), spanning introductory examples to complex real-world problems.
Software and Hardware:
You will need the following ready and running for the workshop:
- A laptop with Linux running natively or in a virtual machine
- The Linux host or VM will also need to have docker and docker-compose installed as well as any web browser (Firefox, Chrome, etc.)
For simplicity, we’ve created the following VMWare Virtual Machine image. It is pre-loaded with all the tools you need. Please download it BEFORE the workshop (it’s ~ 3.9G!). We will be going over how to load it into VMWare during the workshop (so please make sure you have VMWare Player or VMWare Workstation installed by then).
Download Link to Virtual Machine: https://drive.google.com/file/d/1g9y8fhZ5a-Qsz7HHxsAcDRNNRqCl-MWE/view?usp=sharing
Our rough guide for the entire workshop is as follows:
First half – SQL
Intro to basic SQL
Minimal PHP syntax coverage
Overview of injecting SQL into <input> tags
four login examples
two search bar examples
Second half – XSS
Installing local website with docker (github link will be provided)
Overview of XSS scripting
Using the local web server
– we’ll practice many different XSS attacks in partners
Last but not least, here are some take-home resources to read up on both before and after the workshop.
Take Home Resources:
Hello everyone. I hope the last few weeks haven’t been too tiring because our first workshop is coming up soon. Our next meeting is on November 1st, 2019 and will consist of a 20-minute news roundup with Nick, then a Git workshop until 9:30 with Adam Burek in J102.
This workshop has been designed with the following points in mind:
- Beginner Friendly
- Provide an overview of Git and GitHub
- What is it and why is it useful?
- Why is it useful for us?
- Provide context for using this in our program classes/assignments
Hardware and Software Requirements:
Please download the installers or ask for help with obtaining the installers as the workshop will also cover installation. As virtual machine images take a long time to download, please have at least these prepared for the workshop.
For any questions about the requirements and/or what to expect, you may contact @Louai or @AdamB directly on our Discord server! That’s it folks! We are so excited for this workshop and we hope you are too!