The training explains in detail the mechanisms underlying typical C/C++ security-relevant programming bugs – the common security vulnerabilities. The root causes of the problems are explained through a number of easy-to-understand source code examples, which at the same time make clear how to find and correct these problems in practice. The real strength of the course lies in its numerous hands-on exercises, which help the participants understand how easy it is for attackers to exploit these vulnerabilities.
- Common security vulnerabilities:
Buffer Overflow (BOF), stack and heap overflow; array indexing problems, the Unicode bug; missing or improper input validation, integer problems, widthness bug, signedness bug, arithmetic overflow, Printf format string bug (PFS), Directory Traversal Vulnerability (DTV); improper use of security features, weak randomness, password management; error handling-related problems; race conditions, Time-of-Checking-to-Time-of-Usage (TOCTTOU) vulnerability, safe signal handling, and many more…
- Mitigation techniques:
Never eXecute (NX bit) access mode of Virtual Memory Management (VMM); Address Space Layout Randomization (ASLR) – PaX, ExecShield; Stack smashing protection (SSP), StackGuard, ProPolice…
Exploiting stack overflow – executing shellcode; applying protection techniques (stack smashing protection, non-executable stack and heap, ASLR); circumventing protections with NOP sledding, Return-to-libc attack, Return Oriented Programming (ROP); understanding integer problems; applying mitigation techniques; crafting a printf format attack string – write-what-where (WWW) possibilities; password management; problems of exception-based error handling; exploiting race conditions; and many spot-and-correct-the-bug exercises.