Review of SLAE32 / SLAE64
Overview
OK, I don’t like the course name, but that’s it :)
SLAE32 and SLAE64 are two course made by Vivek Ramachandran when Securitytube was still a thing.
As the name suggest, courses cover assembly language on Linux for 32bit (x86) and 64bit (amd64).
Courses and certification was like $150 each, but I remember seeing somewhere an offer of a bundle of two for the price of one. Was a nobrainer.
Material
Because of how Securitytube was born, you are provided with videos only. It’s not a big problem because video are short enough, and Vivek is pretty clear.
The courses introduce students from the basics to medium knowledge.
You will learn:
- the purpose of registers
- how to move data
- simple operations
- loops and “functions”
- conditional instructions
- encoding basics
- handling with socket and syscall
- what a shellcode is and how to write one
- of course, compiling assembly (nasm) to have an executable
- principle of polymorphism and how to modify 3rd parties code
- how to read assembly, and how to be sure you won’t format your computer by running untrusted one
- and some neat trick
They’re splitted in two parts: a more theorical one, with exercise that covers data type, data movement, operations and so on, and a practical one when you start writing your own assembly code.
Both courses are heavily hands on: if you don’t read/write a lot of assembly, it will look like ancient greek and you’re screwed in a breeze :)
I must say that the course are pretty similar, you don’t need to really take both. Of course SLAE64 shows how to pass argument using the 64bit mode, and there are other differences because of 64bit itself.
Extra miles
Given that the course is quite old, it doesn’t mention “modern” programs. For example, I remember I used (GEF)[https://github.com/hugsy/gef] plugin for GDB, and I also used (Binary Ninja)[https://binary.ninja/] to view disassembled code not because it’s needed but to become more confident with the tool itself.
When I say old I don’t mean outdated: it doesn’t cover advanced tricks but assembly basics has been written by Adam&Eve, you’ll find yourself reading documents written 10+ years ago pretty frequently, don’t be stuck with newer-is-better here.
The only extra mile I suggest is to write and read as much assembly as you can. I ended up crawling paper written by virus enthusiast, there is really a new world down there.
Exam
Exam format is quite uncommon: you are tasked with 7 exercises and you have literally all the time you need to complete them.
As soon as you finished one exercise, you have to publish a blog post (mine are (here)[https://gulyslae.github.io/]) or something like that, and move to the next one.
When you’re done, an examinator will review and grant you the status of SLAE certified. Because with a format like this, I don’t see how a student could be denied :)
I liked a lot this because it let you to do a search-read-dig_more loop until you really have it done the way you like.
On a time-constrained exam you can find yourself cheating by taking shortcuts because it works, with SLAE32 and SLAE64 there is no need to rush.
Take care of your knowledge and do all the research you need, you’re doing this course+exam for the knowledge.
Conclusion
If you are interesting in reversing, exploiting, or just want to know more what’s down there do at least one and study relevant information for the platform you skip.
You can surely find similar resources for free, but it’s really worth the bucks.
Ok, I’m going to stress this again: don’t stop reading/writing assembly after, or you will loose everything in a matter of days.
`
xor eax,eax
mov al,0x1
int 0x80
`