I’m happy to announce that arrangements have now been finalized for the Tripwire team to return for the Tripwire VERT Hack Lab at the MTCC!

We will be bringing some new hardware devices as well as a new virtualized hack target. This new virtual target, an ASUS DSL modem with recent firmware, can be compromised by applying the tools & methods we’ve taught in the classroom and in the Hack Lab since day 1.

If you’ve previously visited the Hack Lab or taken one of my IoT classes, I would highly encourage visiting the booth again this year to complete this latest exercise. We will also be taking a closer look at hardware hacking/modification and software-defined radio attacks. Whether you have visited us before or not, please stop by and say hello to Tyler, Andrew, and me next month.

Don’t forget that the Hack Lab is strictly BYOL – Bring Your Own Laptop.

A Beginner’s Guide to Reversing with Ghidra

Registration is also open for A Beginner’s Guide to Reversing with Ghidra, which will be held virtually on account of my not wanting to miss Halloween in Atlanta with my kids. In this training, students will learn how to use Ghidra by solving a series of incremental challenges. As a final challenge, students will analyze an IoT malware sample (Mirai) and figure out how to statically identify and decrypt the CnC configuration from the sample.

Students taking this class should have, at a minimum, a basic understanding of programming and computer architecture, but they do not need prior reversing experience.

Concepts and processes covered in class include:

  • Ghidra UI conventions
  • Importing programs
  • Decompiling functions
  • Annotating code with variable names and comments
  • Defining data structures (automatically and manually)
  • Enumerating program strings
  • Navigating program references
  • Instruction patching (and program ...