Title: Source Engine code auditing adventure
In this talk I will talk about the Source Engine, the leaked codebase and how I audited it to find vulnerabilities. This also acts as a case study on how real life code bases are audited.
The participants should have basic knowledge on C/C++, basic knowledge on x86 memory exploitation techniques, and how exploit mitigations (NX, ASLR, Stack Canaries) work.
I’m Bien Pham, an offensive security engineer from the Sea Security Team. I’m known for finding vulnerabilities in Valve Corporation’s games, for instance, the Counter-Strike series. I also play CTFs, mostly handling pwn challenges.
Title: SecWed Mini CTF
To end off Security Wednesdays for this semester, We will be having a mini CTF session where the participants will get time to try out different challenges.
Nearer to the end of the session, we will be going through the answers for each of the CTF challenges.