Module 30 (Unix/Linux Security Issues II)

Slides:

Advertisements

Similar presentations

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)

Advertisements

Vulnerabilities in Embedded Harvard Architecture Processors Presented By: Michael J. Hohnka Cyber Vulnerabilities Lead Cyber Innovation Division Communications,

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 11 – Buffer Overflow.

Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.

1 CHAPTER 8 BUFFER OVERFLOW. 2 Introduction One of the more advanced attack techniques is the buffer overflow attack Buffer Overflows occurs when software.

Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.

Chapter 15 : Attacking Compiled Applications Alexis Kirat - International Student.

Run-Time Storage Organization

Achieving Trusted Systems by Providing Security and Reliability Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun Xu, Shuo Chen, Nithin Nakka and Karthik Pattabiraman.

SQL Injection and Buffer overflow

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

CS252: Systems Programming Ninghui Li Final Exam Review.

CSC 386 – Computer Security Scott Heggen. Agenda Introduction to Software Security.

Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.

Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

MIPS coding. SPIM Some links can be found such as:

Exploitation: Buffer Overflow, SQL injection, Adobe files Source:

Chapter 6 Buffer Overflow. Buffer Overflow occurs when the program overwrites data outside the bounds of allocated memory It was one of the first exploited.

Exploiting Buffer Overflows on AIX/PowerPC HP-UX/PA-RISC Solaris/SPARC.

Computer Security and Penetration Testing

Introduction: Exploiting Linux. Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend,

1 Names, Scopes and Bindings Aaron Bloomfield CS 415 Fall

CS 4010 Hacking Samba Server Vulnerabilities. Recon Telnet headers claim the following: –Red Hat Linux release 9 (Shrike) –Kernel smp on an i686.

CNIT 127: Exploit Development Ch 4: Introduction to Format String Bugs.

Buffer Overflow Attack-proofing by Transforming Code Binary Gopal Gupta Parag Doshi, R. Reghuramalingam The University of Texas at Dallas 11/15/2004.

CSCE 548 Integer Overflows Format String Problem.

Chapter 1 Introduction. Chapter 1 - Introduction 2 The Goal of Chapter 1 Introduce different forms of language translators Give a high level overview.

Buffer Overflow Proofing of Code Binaries By Ramya Reguramalingam Graduate Student, Computer Science Advisor: Dr. Gopal Gupta.

Buffer Overflow Group 7Group 8 Nathaniel CrowellDerek Edwards Punna ChalasaniAxel Abellard Steven Studniarz.

Buffer Overflow Attack Proofing of Code Binary Gopal Gupta, Parag Doshi, R. Reghuramalingam, Doug Harris The University of Texas at Dallas.

Lecture 13 Page 1 CS 236 Online Major Problem Areas for Secure Programming Certain areas of programming have proven to be particularly prone to problems.

Sairajiv Burugapalli. This chapter covers three main categories of classic software vulnerability: Buffer overflows Integer vulnerabilities Format string.

Information Security - 2. A Stack Frame. Pushed to stack on function CALL The return address is copied to the CPU Instruction Pointer when the function.

Security Attacks Tanenbaum & Bo, Modern Operating Systems:4th ed., (c) 2013 Prentice-Hall, Inc. All rights reserved.

CS426Fall 2010/Lecture 141 Computer Security CS 426 Lecture 14 Software Vulnerabilities: Format String and Integer Overflow Vulnerabilities.

C is a high level language (HLL)

VM: Chapter 7 Buffer Overflows. csci5233 computer security & integrity (VM: Ch. 7) 2 Outline Impact of buffer overflows What is a buffer overflow? Types.

1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.

CSC 482/582: Computer Security

Secure Coding Rules for C++ Copyright © 2016 Curt Hill

Content Coverity Static Analysis Use cases of Coverity Examples

Shellcode COSC 480 Presentation Alison Buben.

Major Problem Areas for Secure Programming

SE-1021 Software Engineering II

Introduction to Operating Systems

Protecting Memory What is there to protect in memory?

CSE 374 Programming Concepts & Tools

Protecting Memory What is there to protect in memory?

Protecting Memory What is there to protect in memory?

Java Programming Language

UNIX System Overview.

C++ History C++ was designed at AT&T Bell Labs by Bjarne Stroustrup in the early 80's Based on the ‘C’ programming language C++ language standardised in.

Secure Coding Rules for C++ Copyright © Curt Hill

Stack Data Structure, Reverse Polish Notation, Homework 7

CMSC 414 Computer and Network Security Lecture 21

High Coverage Detection of Input-Related Security Faults

Introduction to Operating Systems

CS 465 Buffer Overflow Slides by Kent Seamons and Tim van der Horst

Security in Java Real or Decaf? cs205: engineering software

CSC 495/583 Topics of Software Security Format String Bug (2) & Heap

Week 2: Buffer Overflow Part 2.

Cyclone: A safe dialect of C

Homework Reading Programming Assignments Finish K&R Chapter 1

Understanding and Preventing Buffer Overflow Attacks in Unix

Outline Introduction Memory protection Buffer overflows

Week 3: Format String Vulnerability

SPL – PS2 C++ Memory Handling.

Format String Vulnerability

Presentation transcript:

Module 30 (Unix/Linux Security Issues II) At the end of this module, you'll know more about Unix/Linux security issues. You'll understand more exploits at a little more fundamental level. You'll also get more ideas about how to avoid writing malware-ready code. Module 30

Modern Stack Smashing Attacks Although proponents of the technique thought have Non-executable stack segments would stop buffer overflows, they were wrong. Return-Oriented Programing (ROP ) writes arguments and returns to code (gadets) that appear in libraries just before a return to get some work done. It's a tricky method to get code executed by adjusting the stack but without writing the code in the stack. Every concept people have had about inability to overcome technological barriers to exploiting buffer overflows has ended up being wrong. I attribute this to the fact that both data (locals and parameters) and code (return addresses) appear in the stack. Until we have machines that more closely mimic a Harvard architecture, its best not to write code that lets buffers overflow. Module 30

Format String Attacks Format string vulnerabilities, like buffer overflows, result from a program not correctly handling user data. These usually appear in C programs that use printf or sprintf. User input is inserted into a format string without modification and inserts unexpected format characters (%s, %n, etc.) In extreme cases, this can allow arbitrary code to be executed. Module 30

Avoiding Format String Errors “An ounce of prevention is worth a pound of cure.” Although numerous static code checking software has been written to identify format error problems, the best method is to avoid using printf and sprintf entirely. If you must write in C, write in the better C dialect of C++ and use cout rather than printf. Far fewer errors will result. Module 30

Input Validation in General Hacking Exposed 7 cites the case of the Solaris 2007 telnet 0-day that allowed anyone to log in as root. Issuing telnet -l “-f user” hostname would cause login (run as root) to receive the command line switch setting -f user which would allow the program to run as that user without providing a password. Two ways to avoid input validation problems: Black Listing: disallow bad input. (Not so good.) “Porter's a good boy. He minds well enough. I just can't think of enough things to tell him not to do.” – Ferrol Sams, Run with the Horsemen. White Listing: allow only good input. (Better when implemented correctly.) To implement this correctly, the parser for whitelisting must be as powerful as the input language. Module 30

Arithmetic Error Attacks All data in hardware represented as binary strings. In signed data (usually twos complement) the most significant bit (MSB) is interpreted as the sign bit. Typical hardware does not know how large an operand is or whether it is signed or not. The code generated by compilers and interpreters must keep track of that. C conversion/coercion rules are notoriously difficult to understand fully, leading to many subtle errors. Highly exploitable integer errors are ones that can lead to buffer overflows. These usually involve loop control variables, or variables that keep track of the length of data structures. Module 30

Dangling Reference (Pointer) Attacks Dangling references occur when heap or stack allocated storage is freed, but pointers to the data are not set to NULL. One way problems occur is when the same storage is freed multiple times. It might seem surprising that this could cause problems, but a vulnerability in CVS (concurrent versioning system) used this method to allow a remote attacker to cause corruption of heap storage and execute arbitrary code. Managing storage manually is hard! Using a system with automated garbage collection is the best option for avoiding these kinds of problems. GC separates the concerns of dealing with storage from dealing with your program. Module 30