ENPM809V

Welcome!

Who Am I

Graduated from UMD in '19 with a BS in CS and '21 with a ME in Cyber Security from MAGE. Involved in CSEC and helped create challenges for UMDCTF-2019/20/21/22.

Held various cyber security roles:

• Software Security Engineer at RunSafe Security
• Software Security Engineer for the Department of Defense

Mike - WittsEnd2

Software Engineer - C, Python, & Web

Reverse Engineer/Binary Exploitation

Hobbies: CTFs/Dev Projects, Entrepreneurship, Baseball, Music, Stocks

Discord: WittsEnd2

Email: mwittner@umd.edu

Who is the TA

Graduated from UMD in '21 with a BS in CS and '23 with a ME in Cyber Security from MAGE. Involved in CSEC and solved challenges created by Mike for UMDCTF-2019/20/21/22.

Current cyber security role:

• Software Security Engineer for the Department of Defense

Michael

Software Engineer - C, Python, & Assembly

Reverse Engineer/Binary Exploitation

Discord: techn0mancer

Email: mjl33@umd.edu

About the Course

• Continuation of ENPM691
• Learning how more hacking techniques for the Linux operating system.
• Learn both user space and kernel space hacking
• Explore embedded and bare-metal hacking and reverse engineering

About the Course

• Much of this came from my experiences competing in CTFs, developing CTFs, and from courses I took (both in-person and online),
• You will see citations throughout from various people and organizations throughout the course.
• I am sharing everything that I have learned to you

Syllabus

• Learn concepts of Linux and x86 Architecture
• Continue Learning Userspace exploits
  • ROP Chain, Dynamic Memory, Race Condition, Sandboxing, Injection, etc.
• Learn About the Linux Kernel
• Learn Kernel Based Exploits and Hijacking
• Learn about embedded systems security

• Assignments - 80% of the grade
• Final - Week-long CTF  20%
• Fast-paced! Covering a lot in 15 weeks

Syllabus

Assignments

How to do assignments

• Thanks to Yan and his team at ASU, We will work on the pwn.college infrastructure for most assignments
  • All of the challenges are those I wrote
  • No setup needed! Just work on the web-browser
• Submit Code on ELMS
• Late Assignments Receive 10% off per day late (excess of 1 week late will not be graded)

What to Include: Code Comments

• Your pwn.college username
• As long/short as you like
  • Longer does not mean better
• Things that you might want to include
  • How did you figure out the vulnerability (if applicable)
    • Examples include: static analysis, dynamic analysis, debugging, etc.
  • Why did you take the steps? What made you come to that conclusion?
  • How does your solution work? What does each step do?
• We just want to make sure that you understand! If you generally put in effort, you will get points.

Assignments

• If you have ANY extenuating circumstance, please let me know EARLY (sick, military, etc.)
• Letting me know on the day the assignment is due is generally not acceptable
• I am understanding, but it makes it easier for me to help you if you tell me as soon as possible.

pwn.college demo!

Communication

• For questions about course material, assignments, please use the Discord server: https://discord.gg/k2aVudTUHw
• For disputes or official communications please contact the instructor or TA via email:
  • Instructor's email - mwittner@umd.edu
  • TA's email - mjl33@umd.edu
  • If for grading disputes, please contact the person who graded your assignment first

Discord Server

Office Hours

Michael Wittner - Instructor

• Wednesday's 7:30pm-9:30pm and by appointment

Michael Lindsay - Teaching Assistant

• Tuesday from 7pm - 9pm and by appointment

Office Hours