Presentation is loading. Please wait.

Presentation is loading. Please wait.

System and Cyber Security

Published byΘεοδοσία Χρηστόπουλος Modified over 4 years ago

Similar presentations

Presentation on theme: "System and Cyber Security"— Presentation transcript:

1 System and Cyber Security
Kamlesh K. Biloniya Divya Chauhan Chaman Agrawal Kushagra Rajput Mentors: Siddarth Krishnamoorthy Soumye Singhal Semester Project'17 27 january – 15 april

2 System and Cyber Security
Abstract: this  project was about learning, exploring and exploiting various security vulnerability in a program.  Project was mostly based on system vulnerabilities under “old-style” Linux system. Contents: Basic linux command ssh login Assembly Language Buffer overflow attack Format string attack

3 Linux Basics Read, Write & Execute Permissions
Permissions are the basic "rights" to act on a file or directory. The basic rights are read, write and execute. Read - a readable permission allows the contents of the file to be viewed Write - a write permission on a file allows you to modify the contents of that file. Execute - for a file, the executable permission allows to run the file and execute a program.  We can view permissions for file for directory by ls –l command. 

4

5 chmod grep cat file ls cd find

6 SSH (the Secure Shell)  Using SSH requires a client on the local computer and a server on the remote one.  It establishes an encrypted connection to a remote computer, executes a command there and redirects its input and output across the connection.

7 Assembly Language  Assembly language is a low-level programming language. Assembly language is converted into executable machine code by an assembler. Computer basically consist of two things: CPU and memory. And there is some internal memory (registers) only accessible to CPU.

8

9 Some Assembly Instructions
mov eax, ebx — copy the value in ebx into eax push eax — push eax on the stack lea eax, [var] — the value in var is placed in EAX. jmp begin — Jump to the instruction labeled begin

10

11 Program Memory Stack Unused memory
heap .bss .data .text Used for storing function argument and local variable Dynamic memory-malloc() Uninitialized data Initialized data Program code

12 General Stack Layout 0xffffffff
int AddMe(int a, int b) { int c; c=a+b; return c; } main(){ AddMe(10,20) print(); return 0; High memory 12(%EBP) 8(%EBP) 4(%EBP) %EPB -4(%EBP) 0xffffffff  Arg2 Arg1 RET EBP-old Local var

13 Buffer overflow GetInput{ Char buffer[8]; gets(buffer); puts(buffer);
Simple Vulnerable Function:  GetInput{                   Char buffer[8];                   gets(buffer);                   puts(buffer); } Buffer: A  Temporary space in memory used for hold data. Buffer overflow: Happens when data written to the buffer is larger then size of buffer and due to insufficient bound checking it overflows and overwrites adjacent memory location. Gets() does not check if input size is greater than size  of buffer

14         Format String Attack: The Format String exploit occurs when the submitted data of an input string is evaluated as a command by the application. Using format String vulnerability we can read the stack , execute  code .

15 Format string vulnerable function:- gets(),scanf(), printf() ,Strcpy() , strcat() ….etc(they don't check size of input or output) Format parameters :- %n  Write an integer to the location in the process memory   %x    Read data from stack %s  Read character string from process memory 

16       Continue          With summer project

17 Pwntools CTF framework Written in python Makes exploitation easy
>>> from pwn import *   # it imports a lot of functionality into global namespace >>> p=process('/bin/sh') # starts process  >>>p.sendline('input')     # sends input >>>p.recvline(timeout=5) # receives output 

18 Canaries: Canaries are stack guard Used to check stack buffer overflow
But there are many techniques to bypass canaries

19 Shellcode injection and ROP
Exploiting to execute your own code with Root permission               Three step Procedure : Crafting shellcode Injecting shellcode Modify Execution flow –Run the shellcode 

20 buffer overflow: how It Works ???
Code:: #include<stdio.h> #include<stdlib.h> #include<unistd.h> #include<string.h>  int main(int argc, char* argv[]){     if(argc == 2){         if(filter(argv[1]))             exit(1);         else{             setenv("PATH", "/nonsense", 1);             printf("%s", argv[1]);             system(argv[1]);         }     }     else{         printf("Usage: ./cmd COMMAND\n");         exit(1);     return 0; int filter(char *s){      int r = 0;                  r+=(int)strstr(s, "/");                     r+=(int)strstr(s, "sh");                    r+=(int)strstr(s, "*");                         r+=(int)strstr(s, "flag");                          r+=(int)strstr(s, "who");                            r+=(int)strstr(s, "PATH");                      r+=(int)strstr(s, "=");                     r+=(int)strstr(s, "{");                      r+=(int)strstr(s, "}");    return r; 

21 Web Based Attack CSRF (Cross-site request forgery)
XSS  (Cross site scripting ) Attack  1. reflected xss attack 2. stored xss attack 3. DOM-based xss attack

22  Reflected xss attack

23          Continue ….... Course/project under Sandeep K. Shukla - Computer System Security / CS628A 1 june – 31 july

Download ppt "System and Cyber Security"

Similar presentations

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)
Smashing the Stack for Fun and Profit

Smashing the Stack for Fun and Profit
David Brumley Carnegie Mellon University Credit: Some slides from Ed Schwartz.

David Brumley Carnegie Mellon University Credit: Some slides from Ed Schwartz.
Introduction to Information Security ROP – Recitation 5 nirkrako at post.tau.ac.il itamarg at post.tau.ac.il.

Introduction to Information Security ROP – Recitation 5 nirkrako at post.tau.ac.il itamarg at post.tau.ac.il.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.
Review: Software Security David Brumley Carnegie Mellon University.

Review: Software Security David Brumley Carnegie Mellon University.
Intro to Exploitation Stack Overflows James McFadyen UTD Computer Security Group 10/20/2011.

Intro to Exploitation Stack Overflows James McFadyen UTD Computer Security Group 10/20/2011.
1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.

1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.
Memory Image of Running Programs Executable file on disk, running program in memory, activation record, C-style and Pascal-style parameter passing.

Memory Image of Running Programs Executable file on disk, running program in memory, activation record, C-style and Pascal-style parameter passing.
1 Function Calls Professor Jennifer Rexford COS 217 Reading: Chapter 4 of “Programming From the Ground Up” (available online from the course Web site)

1 Function Calls Professor Jennifer Rexford COS 217 Reading: Chapter 4 of “Programming From the Ground Up” (available online from the course Web site)
Buffer Overflow Attacks. Memory plays a key part in many computer system functions. It’s a critical component to many internal operations. From mother.

Buffer Overflow Attacks. Memory plays a key part in many computer system functions. It’s a critical component to many internal operations. From mother.
Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-
The OWASP Top 10 and Buffer Overflow Attacks

The OWASP Top 10 and Buffer Overflow Attacks
Introduction to InfoSec – Recitation 2 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Introduction to InfoSec – Recitation 2 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.

Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.
CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.
Exploiting Buffer Overflows on AIX/PowerPC HP-UX/PA-RISC Solaris/SPARC.

Exploiting Buffer Overflows on AIX/PowerPC HP-UX/PA-RISC Solaris/SPARC.
Buffer Overflows : An In-depth Analysis. Introduction Buffer overflows were understood as early as 1972 The legendary Morris Worm made use of a Buffer.

Buffer Overflows : An In-depth Analysis. Introduction Buffer overflows were understood as early as 1972 The legendary Morris Worm made use of a Buffer.
Introduction: Exploiting Linux. Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend,

Introduction: Exploiting Linux. Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend,
Mitigation of Buffer Overflow Attacks

Mitigation of Buffer Overflow Attacks

Similar presentations

Ads by Google