Linux CNO Programmer
An intensive, 10-week hands-on course focused on providing the skills and knowledge needed to become an advanced CNO programmer in the Linux environment.
Course Description
The Linux Computer Network Operations Programmer course is an intensive, hands-on course focused on providing students with the skills and knowledge needed to become an advanced CNO programmer, with an emphasis on the Linux environment. The class format combines lecture and demonstrations with practical lab assignments, including two labs that function as culminating exercises. After completing the three modules, the student will be capable of assisting in the CNO tool development lifecycle. The student will understand the tool objectives, environments, obstacles, and pitfalls associated with development, as well as strategies to meet objectives effectively and efficiently.
Prerequisites
• Programming experience in C.
• Experience in Linux Programming and x86_64 assembly.
• High academic achievement or operational/technical experience and an intense desire to learn.
What You Will Learn
Course Modules
Module 1: Core Module (17 Days)
Python (3 Days)
Become familiar with Python 3 syntax and commands to create basic programs, use modules and classes, and develop custom exceptions.
Networks (5 Days)
Build a foundation in network protocols, deep packet analysis, and programmatic protocol construction to develop basic network-related tools.
Assembly (3 Days)
Use x86/x86_64 assembly language to support CNO development, including memory access, call stack functionality, and procedure calls.
Software Reverse Engineering (5 Days)
Perform reverse engineering for CNO tool development, including static analysis with Ghidra and dynamic analysis with GDB.
Core Crucible (1 Day)
Apply concepts from the Core module in a team-based CTF challenge to analyze and exploit a botnet by reversing its protocol and developing communication tools.
Module 2: User Mode Development Module (20 Days)
Linux Systems Programming (4 Days)
Understand the principles of Linux programming, including using the Linux build environment, POSIX and GNU APIs, creating processes, and using pthreads for multithreaded programs.
Linux Internals (4 Days)
Gain an intermediate understanding of Linux’s structure, including the boot process, filesystems, ELF structure, the proc file system, and virtual memory.
CNO User Mode Development (5 Days)
Learn the fundamentals of CNO tool development, including code injection via ptrace, library redirection with LD_PRELOAD, ELF hooking, and creating self-deleting executables.
Vulnerability Research and Exploitation (5 Days)
Become familiar with multiple vulnerability classes, exploitation constructs, and modern security protections, and craft exploits for buffer overflows.
Linux User Mode Crucible (2 Days)
Apply concepts from the User Mode module to discover and exploit vulnerabilities in remote servers, hide modified code, and hijack control of a botnet.
Module 3: Kernel Mode Development Module (8 Days)
Linux Kernel Internals (5 Days)
Become familiar with the fundamentals of the Linux kernel, including compiling from source, dynamically debugging with GDB, developing loadable kernel modules, and implementing custom system calls.
CNO Kernel Mode Development (3 Days)
Actively assist in developing CNO kernel mode tools, including creating character devices for covert communication and hooking the VFS and networking subsystems.