CSC 495/583 Topics of Software Security Stack Overflows


Class5
CSC 495/583 Topics of Software Security
Stack Overflows
Dr. Si Chen (schen@wcupa.edu)

Review

System Call

System Call
• User code can be arbitrary
• User code cannot modify kernel memory
• The call mechanism switches code to kernel mode

System Call
http://syscalls.kernelgrok.com

Example: Hello World helloworld.asm

“Memory Corruption” What is it?

“Memory Corruption”
• Modifying a binary’s memory in a way that was not intended
• Broad umbrella term for most of what the rest of this class will be
• The vast majority of system-level exploits (real-world and competition) involve memory corruption

Buffers
• A buffer is defined as a limited, contiguously allocated set of memory.
• The most common buffer in C is an array.

A novice C programmer mistake
This example shows how easy it is to read past the end of a buffer; C provides no built-in protection.

Another C programmer mistake
Our compiler gives us no warnings or errors!!

Crash report

Stack Frame

Overflow.c

gdb
GNU Debugger - Basics
• disassemble main (disas main)
• set disassembly-flavor intel
• break main (b main)
• run
• stepi (si), step into
• nexti (ni), step over

GNU Debugger – Examine Memory
Examine memory: x/NFU address
• N = number
• F = format
• U = unit
Examples
• x/10xb 0xdeadbeef, examine 10 bytes in hex
• x/xw 0xdeadbeef, examine 1 word in hex
• x/s 0xdeadbeef, examine null terminated string

Overflowing array results in overwriting other items on the stack
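
The overwrite this slide describes, as an added example (not the lecture's Overflow.c, whose listing is not in the transcript): a struct stands in for the stack frame so the clobbering of the adjacent variable is deterministic, shown next to a bounded copy. The names `struct frame`, `is_admin`, `copy_unchecked`, `copy_checked` and `neighbour_after` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a stack frame: an 8-byte buffer with another
 * local stored directly after it (hypothetical layout, not Overflow.c). */
struct frame {
    char buf[8];
    uint32_t is_admin;            /* the "other item" next to the buffer */
};

/* Unchecked copy: trusts the caller's length, as strcpy()/gets() do.
 * Writing through the struct's base keeps the demo well defined as long
 * as len <= sizeof(struct frame). */
static void copy_unchecked(struct frame *f, const char *src, size_t len)
{
    memcpy((unsigned char *)f, src, len);
}

/* Bounded copy: rejects input that does not fit in buf with its NUL. */
static int copy_checked(struct frame *f, const char *src, size_t len)
{
    if (len >= sizeof f->buf)
        return -1;
    memcpy(f->buf, src, len);
    f->buf[len] = '\0';
    return 0;
}

/* Copies len bytes of 'A' into a zeroed frame, returns the neighbour. */
static uint32_t neighbour_after(size_t len, int checked)
{
    char input[sizeof(struct frame)];
    struct frame f;
    memset(&f, 0, sizeof f);
    memset(input, 'A', sizeof input);   /* constructed sample input */
    if (len > sizeof input)
        len = sizeof input;
    if (checked)
        (void)copy_checked(&f, input, len);
    else
        copy_unchecked(&f, input, len);
    return f.is_admin;
}

int main(void)
{
    printf("8 bytes, unchecked : 0x%08x\n", (unsigned)neighbour_after(8, 0));
    printf("12 bytes, unchecked: 0x%08x\n", (unsigned)neighbour_after(12, 0));
    printf("12 bytes, checked  : 0x%08x\n", (unsigned)neighbour_after(12, 1));
    return 0;
}
```

The four bytes past the end of `buf` land in `is_admin` as 0x41414141 ('AAAA'); the bounded copy refuses the same input and leaves the neighbour untouched.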

Overflow.c

Print ABCD

Print 100A(s)

BASH refresher

gdb io

Q & A