IT Underground XI 2008: The Damn Vulnerable Linux Project - Steps beyond ethical hacking! (by T. Schneider)

Learning how to hack is a complex task. Teaching how to hack is even more complex. With all the security live distributions out there, there is a growing need to support the teaching process by offering free training. Although there are a number of good distributions for security auditing, there is no known true training and learning environment available. Damn Vulnerable Linux, which is based on BackTrack, closes this gap and offers a fully legal training and teaching system. To this end, DVL extends BackTrack with various missing tools, such as those needed for Reverse Code Engineering tasks. DVL additionally includes a wide range of training material in the fields of binary and web exploitation, shellcode development, Reverse Code Engineering and Binary Auditing. Training material such as WebGoat and the Honeynet tutorials is included. Additional packages, for instance for rootkit and malware auditing training, are available. DVL includes a number of vulnerable targets on which auditing tasks can be practised.

DVL is known to be used by various organisations such as training centres and universities, including the world's first Master of Science in Ethical Hacking programme.

This talk is about the Damn Vulnerable Linux project and distribution. We give a brief introduction to the project, its goals, future steps and vision, and include teaching experiences from master's student classes. Next we give a detailed overview of the Scientific Hacking project, which is the training branch of Damn Vulnerable Linux and aims to teach IT security for free, by the community to the community. We show why these projects go beyond ethical hacking and propose our own community-driven certification according to ISO/IEC 17024.

IT Underground XI 2008: 64-bit Imports Rebuilding and Unpacking (by S. Doucet)

With 64-bit packers and protectors being released, there is a growing need for new tools that make the manual unpacking process as trivial as it is today for protected 32-bit executables. I’m proposing two brand-new tools, CHimpREC and CHimpREC-64, which allow the spirit of ImpREC to live on with the best possible compatibility across all x64 versions of the Windows operating system.

This talk explains the inner workings of coding a 32-bit imports rebuilder and the problems encountered due to the WoW64 environment and Address Space Layout Randomization. Next is an overview of the differences between the PE and PE32+ formats and their impact on porting CHimpREC to 64-bit. Finally, 2 or 3 short live unpacking sessions with different 64-bit packers show how trivial it has become to deal with them with the help of CHimpREC-64.

The audience will learn:
Theory: How to build their own 32/64-bit Imports Rebuilder tool and automated PE unpackers.
Practice: Useful techniques to quickly unpack 32/64-bit PE executables.
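As an added illustration of the PE versus PE32+ header differences an imports rebuilder has to cope with (this is example code, not code from the talk or from CHimpREC), the following Python distinguishes the two formats by the optional header magic and reads the fields whose offset or width changes, including the import directory entry. The sample headers are constructed inline and are not real binaries.

```python
import struct

PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
IMAGE_DIRECTORY_ENTRY_IMPORT = 1  # index of the import table in the data directory array

def parse_pe_headers(data: bytes) -> dict:
    """Tell PE32 from PE32+ and read the fields whose offset or width differs between them."""
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: bad MZ/PE signature")
    # COFF file header: Machine, NumberOfSections, TimeDateStamp, ..., SizeOfOptionalHeader, Characteristics
    machine, _, _, _, _, size_opt, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24                                  # optional header follows the 20-byte COFF header
    magic, = struct.unpack_from("<H", data, opt)
    entry, = struct.unpack_from("<I", data, opt + 16)    # AddressOfEntryPoint sits at the same offset in both
    if magic == PE32_MAGIC:        # 32-bit: BaseOfData present, ImageBase is 4 bytes wide
        fmt, image_base = "PE32", struct.unpack_from("<I", data, opt + 28)[0]
        ndirs, dir_base = struct.unpack_from("<I", data, opt + 92)[0], opt + 96
    elif magic == PE32PLUS_MAGIC:  # 64-bit: no BaseOfData, ImageBase is 8 bytes, data directories shift by 16
        fmt, image_base = "PE32+", struct.unpack_from("<Q", data, opt + 24)[0]
        ndirs, dir_base = struct.unpack_from("<I", data, opt + 108)[0], opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    import_rva = import_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_IMPORT:  # a packer may leave a truncated directory table
        import_rva, import_size = struct.unpack_from("<II", data, dir_base + 8 * IMAGE_DIRECTORY_ENTRY_IMPORT)
    return {"format": fmt, "machine": machine, "image_base": image_base, "entry_point": entry,
            "import_rva": import_rva, "import_size": import_size, "optional_header_size": size_opt}

def build_sample(pe32plus: bool, image_base: int, import_rva: int, import_size: int) -> bytes:
    """Constructed minimal headers (DOS header, PE signature, COFF header, optional header); not loadable."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    if pe32plus:
        size_opt, machine, opt = 240, 0x8664, bytearray(240)   # IMAGE_FILE_MACHINE_AMD64
        struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC)
        struct.pack_into("<Q", opt, 24, image_base)
        struct.pack_into("<I", opt, 108, 16)                   # NumberOfRvaAndSizes
        struct.pack_into("<II", opt, 120, import_rva, import_size)
    else:
        size_opt, machine, opt = 224, 0x14C, bytearray(224)    # IMAGE_FILE_MACHINE_I386
        struct.pack_into("<H", opt, 0, PE32_MAGIC)
        struct.pack_into("<I", opt, 28, image_base)
        struct.pack_into("<I", opt, 92, 16)                    # NumberOfRvaAndSizes
        struct.pack_into("<II", opt, 104, import_rva, import_size)
    struct.pack_into("<I", opt, 16, 0x1000)                    # AddressOfEntryPoint
    coff = struct.pack("<HHIIIHH", machine, 1, 0, 0, 0, size_opt, 0)
    return dos + b"PE\0\0" + coff + bytes(opt)
```

Running parse_pe_headers over a packed file before and after a dump shows directly whether the import directory RVA still points somewhere meaningful, which is the first check an analyst makes when deciding whether an imports rebuild is needed.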