01.23.20

May 3rd: RISC-V Workshop

Posted in Uncategorized at 10:09 by admin

What: RISC-V Workshop
When: Sunday, May 3rd, 10:00AM-4:00PM
Where: Black Lodge Research’s classroom

This is is a two-part workshop on the RISC-V processor, with multiple hands-on labs, using emulated/simulated RISC-V, no RISC-V dev boards. Part 1, Reading and Writing RISC-V Assembly Language, focuses on RISC-V assembly language and how to read and write it, and how to generate and read assembly language from C code, and how to mix asm with C, externally and inline. We’ll use a QEMU-based VM on your laptop running a RISC-V-based Linux OS, and a few other RISC-V simulators/emulators, and spend most of the time with bash/vim, and both the GNU GCC and LLVM Clang toolchains to write and debug code. Part 2, Exploiting RISC-V Machine Language, focuses on RISC-V machine language — specifically the Linux ELF-flavored userspace binaries, and how to do RISC-V versions of common binary exploitation techniques, stack attacks, ROP, and shellcode. We’ll use Radare2/Cutter and some command line tools to examine RISC-V Linux ELF binaries. Lunch break between parts 1 and 2, probably grill some burgers with the BLR BBQ.

Requirements:
1) Laptop, with data backed up, running fresh version of QEMU (not VirtualBox or VMWare or other VM tool).
2) Understand at least one existing assembly language, including concepts like Registers, Stack, Hex/Bin Math, Twos Complement, Bit Shifting, etc.
3) Understand basics of C language, we’ll be disassembling C as well calling assembly from C (externally and via asm).
4) Understand basics of Radare, it has built-in RISC-V support, unlike IDA.
5) Understand basics of how to use GDB or LLDB debuggers.
6) Understand basics of Smashing Stacks for Fun and Profit, and ROP exploits.

Background materials for preparing:
https://github.com/riscv/
https://riscv.org/
https://www.amazon.com/RISC-V-Reader-Open-Architecture-Atlas/dp/0999249118
https://www.amazon.com/Computer-Organization-Design-RISC-V-Architecture/dp/0128122757/
https://github.com/donbmouse/riscv-security
https://github.com/chrysh/riscv_exploitation
https://github.com/Technolution/riscv-security-tutorial

Comments are closed.