Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

SANS SEC:709 – Developing Exploits for Penetration Testers – Day 1

Day 1 of the SEC:709 course is finished. Before I give some points on the course, I want to say that I’m not a coder, and to be honest, scripting is enough of a challenge for me. So, when I said I’d facilitate for the course, I knew things would be above my head. Still, 50% through and I’m surprised at how much clearer things seem.

Day 1 covered the Linux side of exploit writing, as well as covering the basic points needed for tomorrow's trip into the world of Windows. The pace is hectic and fast-paced. Then again, with the amount to cover and the topics being highly technical (this is a SANS 700 level course), the exercises will need to be redone, and redone, and then once more to be sure. These are not the kind of labs you can GET in one try. Sure, some of the basics fit together without too much brain ache, but the more advanced (well, advanced for me) stuff will need some more work.

If you’re a penetration tester who wants to move beyond Metasploit and into the world of custom proof of concepts, then this is a great introduction. No 2-day course will take you from A to Z, but this one will give you the foundation to build on. I’ll let you know how day 2 goes tomorrow… that is, if I survive 😉


2 responses to “SANS SEC:709 – Developing Exploits for Penetration Testers – Day 1”

  1. CG December 9, 2008 at 20:04

    You know this already but Metasploit is supposed to help speed up exploit development, not just be a ./sploit replacement.

  2. Chris Riley December 10, 2008 at 20:20

    Sure… Metasploit is a great resource when it comes to exploit writing. I was referring (probably badly) to the typical “point and click” security professionals who want to understand the how and why of the underlying exploit code, instead of just relying on HD and co. to write the exploits for them.

    From my viewpoint you need to understand how the vulnerable program works, and how it can be exploited, before you can use the parts of Metasploit that make exploit creation easier. After all, Metasploit isn’t going to look at the executable and just spit out a suitable exploit for it. Maybe that’s planned for Metasploit 3.3 though 😉 Nothing surprises me anymore.
