Presentation is loading. Please wait.

Presentation is loading. Please wait.

Injection Mark Shtern. Example Code from old IRIX login screen: char buf[1024]; snprintf(buf, "system lpr -P %s", user_input, sizeof(buf)- 1); system(buf);

Published byGillian Sullivan Modified over 9 years ago

Similar presentations

Presentation on theme: "Injection Mark Shtern. Example Code from old IRIX login screen: char buf[1024]; snprintf(buf, "system lpr -P %s", user_input, sizeof(buf)- 1); system(buf);"— Presentation transcript:

1 Injection Mark Shtern

2 Example Code from old IRIX login screen: char buf[1024]; snprintf(buf, "system lpr -P %s", user_input, sizeof(buf)- 1); system(buf); Attack: FRED; xterm&

3 Injections Injection problems occur when untrusted data is – Placed into trusted data – Passed to some sort of compiler or interpreter – Treated as something other than data

4 Impact Privilege escalation Information Leakage Control of a victim machine Denial of Service Access to victim resources Software unlocking

5 Attack ideas Code injection into script (eval, execv) Module Substitution (DLL injection, Java class injection) System call, external command, environment variable substitution Debug mode

6 DLL injection Linker dynamically load modules Linux LD_PRELOAD="./test.so" prog Windows HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wind ows NT\CurrentVersion\Windows\AppInit_DLLs

7 Substitute external command Example system(“ls -l”); Execution depends on – The binary code associated with ls – The PATH environment variable

8 Debug mode Most industrial applications contain hidden debug hooks They can be used for good or for evil

9 Java class injection Java VM loads classes dynamically Attacker may substitute any Java class – Develop new class with the same signature – Modify existing class

10 Modify existing class Decompile Java class Modify source code Compile modified source code Overwrite original class

11 Injection Countermeasures Validate user input Do not store confidential information in the source code Deploy obfuscated code Use least privileges design concept Do not pass user input to an interpreter Digitally sign production code

12 Tools Debuggers (gdb, WinDgb) Java decompilers (Jode, JD ) Java code obfuscators (Jode, ProGuard) IDE (Eclipse, Netbeans, Visual Studio 2008/2010 )

Download ppt "Injection Mark Shtern. Example Code from old IRIX login screen: char buf[1024]; snprintf(buf, "system lpr -P %s", user_input, sizeof(buf)- 1); system(buf);"

Similar presentations

Programming Merit Badge

Programming Merit Badge
Internetteknologi (ITNET1) Extra Presentation Java IDE Tool Support.

Internetteknologi (ITNET1) Extra Presentation Java IDE Tool Support.
Utilizing the GDB debugger to analyze programs Background and application.

Utilizing the GDB debugger to analyze programs Background and application.
SYSTEM PROGRAMMING & SYSTEM ADMINISTRATION

SYSTEM PROGRAMMING & SYSTEM ADMINISTRATION
Introduction to Programming Lecture 2. Today’s Lecture Software Categories Software Categories System Software System Software Application Software Application.

Introduction to Programming Lecture 2. Today’s Lecture Software Categories Software Categories System Software System Software Application Software Application.
Systems Software.

Systems Software.
Creating a Program In today’s lesson we will look at: what programming is different types of programs how we create a program installing an IDE to get.

Creating a Program In today’s lesson we will look at: what programming is different types of programs how we create a program installing an IDE to get.
Computer Science Basics CS 216 Fall 2012. Operating Systems interface to the hardware for the user and programs The two operating systems that you are.

Computer Science Basics CS 216 Fall Operating Systems interface to the hardware for the user and programs The two operating systems that you are.
Install Software in Ubuntu. Do you have Internet? Everything is on the Internet and Free!

Install Software in Ubuntu. Do you have Internet? Everything is on the Internet and Free!
CS 225 Lab #2 - Pointers, Copy Constructors, Destructors, and DDD.

CS 225 Lab #2 - Pointers, Copy Constructors, Destructors, and DDD.
COP4020 Programming Languages

COP4020 Programming Languages
Java Security Updated May 2007. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.

Java Security Updated May Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.
Metro (down the Tube) Security Testing Windows Store Apps Marion McCune – ScotSTS Ltd.

Metro (down the Tube) Security Testing Windows Store Apps Marion McCune – ScotSTS Ltd.
F13 Forensic tool analysis Dr. John P. Abraham Professor UTPA.

F13 Forensic tool analysis Dr. John P. Abraham Professor UTPA.
Chapter Introduction to Computers and Programming 1.

Chapter Introduction to Computers and Programming 1.
Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.

Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.
Copyright© 2002 Avaya Inc. All rights reserved Advanced Cross Site Scripting Evil XSS Anton Rager.

Copyright© 2002 Avaya Inc. All rights reserved Advanced Cross Site Scripting Evil XSS Anton Rager.
Android Programming By Mohsen Biglari Android Programming, Part1: Introduction 1 Part1: Introduction By Mohsen Biglari.

Android Programming By Mohsen Biglari Android Programming, Part1: Introduction 1 Part1: Introduction By Mohsen Biglari.
Enabling the ARM Learning in INDIA ARM DEVELOPMENT TOOL SETUP.

Enabling the ARM Learning in INDIA ARM DEVELOPMENT TOOL SETUP.
Algorithm development. The invention of the computer  Programming language developments: 1. Machine code 2. Assembler  easier to write, debug, and update.

Algorithm development. The invention of the computer  Programming language developments: 1. Machine code 2. Assembler  easier to write, debug, and update.

Similar presentations

Ads by Google