I am having such a killer time at DerbyCon. It has only been a day and I have already met new people and am seeing a lot of familiar faces from last year. I love small cons, mainly this one, because no one seems to have an ego here and everyone is just chill. I highly recommend coming out to DerbyCon if you have a chance. Also, remember to try the Bourbon Beer from the Sway lounge, it's my fav.
Anyway, the real reason for this post. The Corelan bootcamp is everything I thought it would be. We went from 0-60 in no time. We started at 8:30am and didn’t finish until midnight, mostly because everyone in class was dead tired and couldn’t finish the last module of day 1. The first exploit lab has a lot of gotchas that will challenge the way you think; no, it's not your typical FTP server exploit. He really stressed all the bad habits we n00bs learn from just doing random tutorials around the interwebs. It's crazy how many times I have done exploits using ‘NOPS’, and the first thing he says in class is “NOPS are for lazy a*holes” and then started to explain to us why we shouldn’t use them. However, there is a place and a time where you can use them, but the majority of the time you shouldn’t use them. Troubleshooting your programs is a more efficient way of learning and challenging yourself. I have noticed that the more I am moving into Exploit Dev, there are 1000 ways to skin a cat, and now I am trying to soak in all the information. I would say that if you have followed his tutorials then you should have a good understanding of how basic Stack Based overflows work. However, I would go over the material a few times, and actually attempt to do the higher level stuff (e.g. Heap, SEH, DEP, and ASLR). I would not be scared to take the class; even though it is a difficult class, Corelan does a really good job of explaining the material and making sure you are understanding the fundamentals. Sometimes, we as n00bs just follow directions and really have no idea why we are doing certain things. Corelan spent a good chunk of day 1 covering the basics before we jumped into labs.
If you are thinking about taking the OSCE or the AWE, I would definitely figure out a way to take Corelan’s course first. I already feel a lot more comfortable doing Exploit Dev and working in a debugger. Of course, even to sign up for the OSCE I would suggest that you know your way around the debugger, but it's nice to know that all my practice is really helping. Again, I would not be scared to take this course if you are just starting out. I think going through the many tutorials on the Net and his tutorials will really give you a great start. However, I would say know Python or at least be familiar with it. My plans are to work through this course material and then jump back into OSCE mode.
Anyway, I am going to grab breakfast and get ready for Day 2 aka “Hell Day 2”.