Added new details

Author: nnamon

.gitignore

@@ -1,2 +1,3 @@
 *.pyc
 .vagrant
+ubuntu-xenial-16.04-cloudimg-console.log

README.md

@@ -10,23 +10,26 @@ expected of the following topics:
 
 1. An Understanding of x86-64 Assembly
 2. Familiarity with GDB
-3. Familiarity with C
+3. Familiarity with C and Python
 4. Familiarity with the Standard Jump to Shellcode Exploits
 
 ## Syllabus
 
-1. [Setting Up the
-   Environment](./lessons/0_setting_up_environment/lessonplan.md)
+1. [Setting Up the Environment]
 2. How Does a Linux Binary Work?
-3. Classic Exploitation Theory
-4. Linux Binary Protections
-5. The Classic Exploitation Technique
-6. Bypassing NX with Return Oriented Programming
-7. ASLR in Depth
-8. Bypassing ASLR with NX Disabled
-9. Bypassing ASLR/NX with Ret2GOT
-10. Bypassing ASLR/NX with Ret2Libc
-11. Memory Leaks
-12. Multi-Stage Ret2Libc
-13. Format String Vulnerabilties
-14. Bypassing Stack Canaries with Format String Bugs
+3. Introduction to PEDA and Pwntools
+4. Classic Exploitation Theory
+5. Linux Binary Protections
+6. The Classic Exploitation Technique
+7. Bypassing NX with Return Oriented Programming
+8. ASLR in Depth
+9. Bypassing ASLR with NX Disabled
+10. Bypassing ASLR/NX with Ret2GOT
+11. Bypassing ASLR/NX with Ret2Libc
+12. Memory Leaks
+13. Multi-Stage Ret2Libc
+14. Format String Vulnerabilties
+15. Bypassing Stack Canaries with Format String Bugs
+
+
+[Setting Up The Environment]: ./lessons/1_setting_up_environment/lessonplan.md

Vagrantfile

@@ -64,8 +64,15 @@ Vagrant.configure("2") do |config|
   # Enable provisioning with a shell script. Additional provisioners such as
   # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
   # documentation for more information about their specific syntax and use.
-  # config.vm.provision "shell", inline: <<-SHELL
-  #   apt-get update
-  #   apt-get install -y apache2
-  # SHELL
+  config.vm.provision "shell", inline: <<-SHELL
+    dpkg --add-architecture i386
+    apt-get update
+    apt-get install -y libc6:i386 libncurses5:i386 libstdc++6:i386 gdb python python-pip libssl-dev gcc git
+	 	pip install --upgrade pip
+		pip install pwntools
+		pip install ipython
+		pip install ropper
+		git clone https://github.com/longld/peda.git /home/ubuntu/peda
+		echo "source ~/peda/peda.py" >> /home/ubuntu/.gdbinit
+  SHELL
 end

lessons/0_setting_up_environment/lessonplan.md

@@ -0,0 +1,99 @@
+# Setting Up the Environment
+
+We will be using vagrant to standardise the environment so following the lesson
+plan is easy. The Vagrantfile will provision the appropriate pre-requisites but
+please go through this document to get an understanding of the steps required to
+prepare the testing environment.
+
+## Mandatory Steps
+
+First, install vagrant and virtualbox. Vagrant can be downloaded from [this
+link](vagrantdl). Virtualbox can be downloaded from [here](virtualboxdl).
+
+Next, clone the repository onto your host machine.
+
+```shell
+amon@bethany:~$ git clone https://github.com/nnamon/linux-exploitation-course.git
+Cloning into 'linux-exploitation-course'...
+remote: Counting objects: 19, done.
+remote: Compressing objects: 100% (14/14), done.
+remote: Total 19 (delta 2), reused 15 (delta 1), pack-reused 0
+Unpacking objects: 100% (19/19), done.
+Checking connectivity... done.
+amon@bethany:~$
+```
+
+Now, bring the vagrant box up.
+
+```shell
+amon@bethany:~/sproink/linux-exploitation-course$ vagrant up
+Bringing machine 'default' up with 'virtualbox' provider...
+==> default: Importing base box 'ubuntu/xenial64'...
+==> default: Matching MAC address for NAT networking...
+==> default: Checking if box 'ubuntu/xenial64' is up to date...
+==> default: Setting the name of the VM: linux-exploitation-course_default_1483872823092_95278
+==> default: Clearing any previously set network interfaces...
+==> default: Preparing network interfaces based on configuration...
+    default: Adapter 1: nat
+==> default: Forwarding ports...
+    default: 22 (guest) => 2222 (host) (adapter 1)
+==> default: Running 'pre-boot' VM customizations...
+==> default: Booting VM...
+==> default: Waiting for machine to boot. This may take a few minutes...
+    default: SSH address: 127.0.0.1:2222
+    default: SSH username: ubuntu
+    default: SSH auth method: password
+    default:
+    default: Inserting generated public key within guest...
+    default: Removing insecure key from the guest if it's present...
+    default: Key inserted! Disconnecting and reconnecting using new SSH key...
+... snip ...
+```
+
+Once the provisioning finishes, you can ssh into the vagrant box.
+
+```shell
+amon@bethany:~/linux-exploitation-course$ vagrant ssh
+Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-57-generic x86_64)
+
+ * Documentation:  https://help.ubuntu.com
+ * Management:     https://landscape.canonical.com
+ * Support:        https://ubuntu.com/advantage
+
+  Get cloud support with Ubuntu Advantage Cloud Guest:
+    http://www.ubuntu.com/business/services/cloud
+
+0 packages can be updated.
+0 updates are security updates.
+
+
+ubuntu@ubuntu-xenial:~$ ls -la
+total 28
+drwxr-xr-x 4 ubuntu ubuntu 4096 Jan  8 10:54 .
+drwxr-xr-x 3 root   root   4096 Jan  8 10:54 ..
+-rw-r--r-- 1 ubuntu ubuntu  220 Aug 31  2015 .bash_logout
+-rw-r--r-- 1 ubuntu ubuntu 3771 Aug 31  2015 .bashrc
+drwx------ 2 ubuntu ubuntu 4096 Jan  8 10:54 .cache
+-rw-r--r-- 1 ubuntu ubuntu  655 Jun 24  2016 .profile
+drwx------ 2 ubuntu ubuntu 4096 Jan  8 10:54 .ssh
+-rw-r--r-- 1 ubuntu ubuntu    0 Jan  8 10:54 .sudo_as_admin_successful
+ubuntu@ubuntu-xenial:~$
+```
+
+## What Was Installed?
+
+This is the entire provisioning script:
+
+```ruby
+  config.vm.provision "shell", inline: <<-SHELL
+    dpkg --add-architecture i386
+    apt-get update
+    apt-get install -y libc6:i386 libncurses5:i386 libstdc++6:i386 gdb python python-pip libssl-dev gcc
+    pip install --upgrade pip
+    pip install pwntools
+    pip install ipython
+  SHELL
+```
+
+[vagrantdl]: https://www.vagrantup.com/downloads.html
+[virtualboxdl]: https://www.virtualbox.org/wiki/Downloads

lessons/1_setting_up_environment/lessonplan.md

@@ -0,0 +1,5 @@
+# Introduction to PEDA and Pwntools
+
+GDB with PEDA and Pwntools are two tools that we will be using extensively
+throughout the course. This section is designed to run through their basic use
+and to work out any possible kinks that might arise.