Exploiting & Defense Day 1 Recap


Exploits and Vulnerabilities
- An exploit: a program which exploits a vulnerability
- Exploit types:
  - Local (Privilege Escalation)
  - Remote (Attack a server / service)
  - Client (Attack a client program)
- Memory corruption: exploit memory-unsafe languages (C, C++)

Von Neumann Architecture
- Components: RAM, CPU <magic>
- Read: Data, Instructions
- Write: Data, Instructions

Intel: Little endianness
32 bit = 4 bytes

2864434397     Number in Decimal (10)
0xAABBCCDD     Number in Hex (16)
DD CC BB AA    Little Endian Storage (bytes 1 2 3 4)
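The slide's numbers, checked in code and read back the way they appear in a memory dump. This is an added example, not part of the original slides; the function names (store_le32, load_le32, parse_le32_dump) are made up for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Lay out v as it sits in memory on Intel: least significant byte first. */
void store_le32(uint8_t out[4], uint32_t v)
{
    for (int i = 0; i < 4; i++)
        out[i] = (uint8_t)(v >> (8 * i));
}

/* Rebuild the number from 4 bytes read in memory order. */
uint32_t load_le32(const uint8_t in[4])
{
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)in[i] << (8 * i);
    return v;
}

/* Parse a dump fragment such as "DD CC BB AA" (bytes in memory order)
 * into the 32-bit value it encodes. Returns 0 on success, -1 if the
 * text does not hold exactly four hex bytes. */
int parse_le32_dump(const char *text, uint32_t *value)
{
    unsigned b[4];
    char extra;
    if (sscanf(text, "%2x %2x %2x %2x %c",
               &b[0], &b[1], &b[2], &b[3], &extra) != 4)
        return -1;
    uint8_t raw[4] = { (uint8_t)b[0], (uint8_t)b[1],
                       (uint8_t)b[2], (uint8_t)b[3] };
    *value = load_le32(raw);
    return 0;
}

int main(void)
{
    uint8_t mem[4];
    uint32_t v = 0;
    store_le32(mem, 0xAABBCCDDu);            /* value from the slide */
    printf("0xAABBCCDD in memory: %02X %02X %02X %02X\n",
           mem[0], mem[1], mem[2], mem[3]);
    if (parse_le32_dump("DD CC BB AA", &v) == 0)
        printf("dump decodes to 0x%08X (%u)\n", (unsigned)v, (unsigned)v);
    return 0;
}
```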

Important Intel Registers

32-bit  64-bit  Acronym              Points to?
EIP     RIP     Instruction Pointer  Next instruction to be executed
ESP     RSP     Stack Pointer        Top of Stack
EBP     RBP     Base Pointer         Current Stack Frame (Bottom)

Also: EAX, EBX, ECX, EDI, ESI, R8-R12

Process Memory Layout in Linux

0xc0000000
0xbfffffff
    Stack   char array[16];
    Heap    malloc(16)
    Code    mapping: ELF File
0x0804800
0x0000000

Our objective (spoiler alert!)

Stack based buffer overflow exploit
[Diagram labels: 0xAA00; char firstname[64]; SIP; 0xAA00; CODE CODE CODE CODE CODE AA00; Jump to buffer with shellcode]

Stack based buffer overflow exploit
[Diagram labels: 0xFF00; char firstname[64]; SIP; 0xAA00; CODE CODE CODE CODE CODE AA00; Jump to buffer with shellcode]
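The root cause behind the diagram is an unbounded copy into char firstname[64]. The following added example (not from the original slides) puts that pattern beside a length-checked replacement; the function names and the sample inputs are constructed for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIRSTNAME_LEN 64   /* same size as the slide's char firstname[64] */

/* Vulnerable pattern, shown for contrast and never called here: strcpy()
 * keeps writing past firstname[63] when the input is longer, and on the
 * stack those extra bytes eventually reach the saved instruction
 * pointer (SIP). */
void greet_unchecked(const char *input)
{
    char firstname[FIRSTNAME_LEN];
    strcpy(firstname, input);
    printf("Hello %s\n", firstname);
}

/* Hardened form: find the terminator within the first 64 bytes and refuse
 * anything that does not fit together with its NUL.
 * Returns 0 on success, -1 on rejection (dst is left as an empty string). */
int copy_firstname(char dst[FIRSTNAME_LEN], const char *input)
{
    const char *end = memchr(input, '\0', FIRSTNAME_LEN);
    if (end == NULL) {                 /* 64 or more bytes: would overflow */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, input, (size_t)(end - input) + 1);   /* at most 64 bytes */
    return 0;
}

int main(void)
{
    char firstname[FIRSTNAME_LEN];
    char too_long[100];                /* constructed sample input */
    memset(too_long, 'A', sizeof too_long - 1);
    too_long[sizeof too_long - 1] = '\0';

    printf("short input: %d\n", copy_firstname(firstname, "Alice"));
    printf("long input:  %d\n", copy_firstname(firstname, too_long));
    return 0;
}
```

Rejecting the input instead of silently truncating it keeps the caller aware that the data did not fit.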

So…
[Diagram of topics: Intel Architecture; Buffer Overflow; Memory Layout; C Arrays; BoF Exploit; Assembler; Remote Exploit; Shellcode; Exploit Mitigations; Function Calls; Defeat Exploit Mitigations; Debugging]