CS356 Schedule

Calendar feed: https://www.flyn.org/courses/cs356-2022-fall/schedule.ics
Read before class
Tuesday, Sep 6 1. Introduction; intro Aquinas ssh, unix, git, and hello in C
Thursday, Sep 8 2. Remember C?; c 0x200– 0x267
Tuesday, Sep 13 3. Recon, exploit, persist, move, exfil Just enough networking; ops-and-net-intro Aquinas git and hello in C Aquinas computer, cdrom, and decode in C
Thursday, Sep 15 4. Port scanning and fingerprinting; video 0x270– 0x287 (In class: Aquinas recon)
Tuesday, Sep 20 5. Tricks with SSH and other network tools; net-error-handling.c Aquinas decode in C Aquinas network in C and overflow in C (In class: Aquinas sshgames)
Thursday, Sep 22 6. Surprising communication channels and those dang buffers; channels-and-buffers covert_tcp.c gets.c 0x300– 0x320
Tuesday, Sep 27 7. Shell code and privilege escalation Introduction and demonstration; retval-fun Aquinas network in C and overflow in C Aquinas smash in C, syscall in AMD64, shellcode in C
Thursday, Sep 29 8. Shellcode and countermeasures; countermeasures stack stack.c 0x321– 0x359
Tuesday, Oct 4 9. Return-oriented programming 1; rop service-retlibc32.c service-retlibc32 service-retlibc64.c service-retlibc64 Aquinas smash in C, syscall in AMD64, shellcode in C Aquinas nop in C and rop in C
Thursday, Oct 6 10. Return-oriented programming 2; rop2 0x500
Tuesday, Oct 11 11. Exam 1 (in person, alt. instructor)
Thursday, Oct 13 12. Catch up and exam review (no meeting)
Tuesday, Oct 18 13. Networking A different kind of stack: abstraction; net2 Aquinas nop in C and rop in C Aquinas udpscan in C
Thursday, Oct 20 14. ARP; arp 0x400– 0x433
Tuesday, Oct 25 15. Writing raw packets, and reading all packets; low-level-net arpreq.c Aquinas udpscan in C Aquinas arpspoof in C
Thursday, Oct 27 16. Denial of service and more port scanning 0x440– 0x483
Tuesday, Nov 1 17. Web and cryptographic attacks; tls Aquinas arpspoof in C Aquinas tlsproxy in C
Thursday, Nov 3 18. Passwords and More TLS; tls2 0x700– 0x753
Tuesday, Nov 8 19. Attacks on the web; web xssd.go steald.go Aquinas tlsproxy in C Aquinas xss in C
Thursday, Nov 10 20. More attacks on the web; web2 bankd.go netping.c netping-not-fixed.c netping-fixed.c netping-fixed2.c cmdinjectd.go sqlinjectd.go
Tuesday, Nov 15 21. Program analysis; analysis uninit.c use-after-free.c double-free.c leak.c overflow.c race.c Aquinas xss in C
Thursday, Nov 17 22. Exam review
Tuesday, Nov 22 23. Exam 2
Thursday, Nov 24 24. Thanksgiving break
Tuesday, Nov 29 25. Binary reverse engineering; reveng1 Makefile hello.c if.c case.c for.c while.c do.c array.c Aquinas reveng2 in C, reveng3 in C, and reveng4 in C
Thursday, Dec 1 26. reveng2 hellobye.c
Tuesday, Dec 6 27. Protocol reverse engineering Aquinas reveng2 in C, reveng3 in C, and reveng4 in C Aquinas netreveng1 in C
Thursday, Dec 8
Tuesday, Dec 13 29. Review; review Aquinas netreveng1 in C