Lecturer: Simone Aonzo (DIBRIS, Università di Genova)

When and where

30/07/2018 11:15-13:15 + 14:15-16:15, room: TBD @ DIBRIS - Via Dodecaneso 35, I-16146, Genoa, Italy.


The purpose of this lesson is to introduce people with prior basic exploitation experience (on other architectures) to “real world” exploitation scenarios on the ARM processor architecture. The reality is that exploitation these days is harder and a bit more nuanced than it was in the past with the advent of protection mechanisms like XN, ASLR, stack cookies, etc. As such, this lesson is called “practical” because it aims to teach exploitation on ARM under the real-world circumstances in which the exploit developer will encounter (and have to circumvent) these protection mechanisms. The lesson materials focus on ARM achitecture (32 bit) and advanced exploitation topics (circumventing protection mechanisms) using Linux as the platform as a basis to learn the ARM architecture but with the obvious applications being platforms running on mobile phones, tablets, embedded devices, etc.