Slides about Return Oriented Programming, presented at HeXA Hacking Seminar in 2016
These slides were created when I was a sophomore, based on ideas I have studied alone. I've tried to do my best but there can be some missing/wrong points. Comments are welcome. Thank you.
TDOH 南區 WorkShop 2016 Reversing on Windows (Sheng-Hao Ma)
The document discusses various topics related to reversing Windows programs, including:
1) The structure of Windows Portable Executable (PE) files and processes. It covers the import address table, image base, and finding the program entry point.
2) x86 assembly language concepts like opcodes, registers, data types, calling conventions, and function calls.
3) Tools for reversing including IDA Pro, OllyDbg, and Cheat Engine. It provides instructions on using these tools to analyze PE files, disassemble code, and debug processes.
Here are the slides that I gave for The Arizona Software Community meetup.
http://www.meetup.com/azsoftcom/events/222936544/
This was a gentle introduction to some of the features in EcmaScript 2015 and how and why you may use them.
JavaFX is a software platform for creating and delivering desktop applications, as well as rich internet applications (RIAs) that can run across a wide variety of devices. Some key aspects of the JavaFX platform include its base classes like Application, Scene and Stage; the use of FXML for building the user interface with CSS styling and JavaScript capabilities; JavaFX properties and bindings for observing value changes; and support for animation. The JavaFX architecture provides objects, APIs and utilities to help developers create visually-engaging and responsive user experiences.
This document discusses the Android multimedia framework on Jelly Bean. It provides an introduction to OpenMAX and describes the simple stack architecture including the developer API, event handler, surface holder, StageFright, OpenMAX interface, and software/hardware codecs. It explains the workflows and sequence flows for playing a media file, including setting the data source, preparing to play, and starting playback. Finally, it covers the synchronization architecture and flow of StageFright.
This document provides an introduction to JavaFX 2. It discusses the history of desktop applications in Java, including AWT, Swing, and issues with the old approaches. It then summarizes the announcement and initial challenges of JavaFX 1. It outlines the core concepts of JavaFX 2, including the architecture with Application, Scene, Stage, and FXML. It also briefly discusses controllers, properties, bindings, collections, charts, animation, effects, media, and tools like SceneBuilder and Scenic View.
This document provides a summary of the history and features of the Groovy programming language. It discusses how Groovy evolved from earlier dynamic scripting languages for Java like BeanShell and Rhino. Key points include:
- Groovy was created in 2003 by James Strachan as a new dynamic language for the Java platform.
- Groovy adds dynamic and static typing, closures, builders, metaprogramming and other features to make Java development more productive.
- Groovy scripts can omit elements like semicolons and parentheses and do not require defining a class or main method. This makes Groovy code more concise and readable.
The document discusses programming for fun and enjoyment. It provides tips on using Vim and Ruby for fun programming projects. It also discusses Ruby programming concepts like classes and threads. Finally, it promotes programming meetups and brigades as a way to socially engage with other programmers.
The document discusses the Assembly programming language. It covers Assembly registers and instructions, the ELF file format, using objdump and readelf to disassemble and inspect Assembly programs, and examples of building Assembly programs and using inline Assembly in C code. Key topics include common Assembly registers like EAX, EBP, ESP; basic instructions like mov, add, jumps; the ELF header and section structure; and using tools like objdump to disassemble Assembly code.
The document explains how a simple C program's function call is executed at the assembly level using a stack. It step-by-step traces the execution of a function call from the main function through the called function and return. Key steps include pushing the return address and arguments onto the stack, allocating space on the stack for local variables, copying the stack pointer to the base pointer, and restoring registers and deallocating stack space upon return.
The document provides an introduction to pwn, which refers to fully controlling another person's device by exploiting vulnerabilities. It discusses what pwn is, how to infiltrate systems, common exploitation techniques like buffer overflows, and gives an example lab outline. The key points are that pwn involves using exploits to gain unauthorized access and control of servers by leveraging bugs in binaries or logic flaws. Common vulnerabilities include unfiltered user input, array index errors, and logical flaws.
This document provides a cheat sheet for using the Mona.py tool to analyze crashes and facilitate exploit development. It outlines commands for configuring Mona, searching for pointers and patterns in memory, finding code snippets, generating cyclic patterns, and automating ROP chain generation for bypassing DEP. The document explains how to use Mona to suggest exploit primitives after a crash, find useful gadgets like POP/POP/RET sequences, and provide starting points for ROP payloads.
The document discusses reverse engineering techniques and obfuscation using only the mov instruction. It describes how an experienced reverse engineer would approach analyzing code that has been obfuscated to only use mov instructions by tracking data flows and values. An example of obfuscated mov-only code is provided.
We introduce the fundamentals of dynamic memory allocation and highlight several exploitable properties. These ideas are put into practice in a set of heap overflow challenges from exploit-exercise.com's Protostar VM. We walk through the first three. Other uses of heap space such as heap spraying are mentioned.
This talk gives a short introduction to buffer overflows, how to exploit them and which countermeasures are used in openSUSE Linux to make exploitation harder.
We'll cover stack canaries, fortify source, address space layout randomization and NX. We'll see how they work and how they can be circumvented in a live demo of a working exploit that manages to circumvent these security measures.
You can find the video recording here: https://www.youtube.com/watch?v=8tOhdUXcSkw
Heiko Behrens and Matthew Hungerford talk about advanced programming techniques for Pebble. This talk focused on optimizing Pebble apps for code size and heap space, with advice on the use of floating point.
The Mandelbrot demo and XKCD app were featured.
Day 1 - Video 3A
This document provides an overview of x86 assembly language and the GNU Debugger (GDB). It describes the process of creating an executable file from source code using preprocessing, compilation, assembly and linking. It also covers x86 registers, common instructions like MOV, PUSH, CALL and RET. The document introduces Intel and AT&T syntax and system calls. Finally, it outlines basic operations and commands in GDB like breaking, running, examining memory and registers.
Northern Engraving | Nameplate Manufacturing Process - 2024 (Northern Engraving)
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Dandelion Hashtable: beyond billion requests per second on a commodity server (Antonios Katsarakis)
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design (1) offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk (Fwdays)
In this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. We will also look into one of the largest DDoS attacks on Ukrainian infrastructure, which happened in February 2022. We'll see what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on the Ukraine experience.
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge Capture & Transfer
Session 1 - Intro to Robotic Process Automation.pdf (UiPathCommunity)
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation and the UiPath Platform, and guide you on how to install and set up UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
What is an RPA CoE? Session 1 – CoE Vision (DianaGray10)
In the first session, we will review the organization's vision and how it impacts the CoE structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect, Anika Systems
Skybuffer SAM4U tool for SAP license adoption (Tatiana Kojar)
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
Taking AI to the Next Level in Manufacturing.pdf (ssuserfac0301)
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf (Chart Kalyan)
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
5th LF Energy Power Grid Model Meet-up Slides (DanBrown980551)
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Microsoft Teams session or in person at TU/e, located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
- Insightful presentations covering two practical applications of the Power Grid Model.
- An update on the latest advancements in Power Grid Model technology during the first and second quarters of 2024.
- An interactive brainstorming session to discuss and propose new feature requests.
- An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!