(In)Security in C++ - 29-30 October 2019


The course teaches C++ developers fundamental concepts from Exploit Development and Reverse Engineering, and uses these concepts to demonstrate common vulnerabilities in C++ codebases. This background helps students view their code from an attacker's perspective. They develop a sense of what common vulnerable constructs in C++ look like, and of which tools can help them find different types of vulnerabilities in their existing code bases.

Attendees can expect to gain

- A basic understanding of the mindset of an exploit developer
- An understanding of assembly
- Good grasp of tooling that can be used to find vulnerable constructs
- Good idea of things to look for in code reviews
- Good overview of Secure Coding Practices in C++

Secure Coding Practices

The Secure Coding Practices taught are largely based on the C++ Core Guidelines, the Common Weakness Enumeration (CWE) and the SEI CERT Coding Standards for C++.

Prerequisites

The attendees are assumed to be proficient in C++.

Modules

- Introduction and what specs exist?
- Undefined Behavior & Compiler Optimizations
- The anatomy of a Stack Buffer Overflow shellcode (on Linux)
- Exploration of simple Exploitation Techniques
- Introduction to Compilers, Static Analysis, Sanitizers and Fuzzers
- Exploitable Programming Constructs: Memory I
- Exploitable Programming Constructs: Memory II
- Exploitable Programming Constructs: Numbers
- Secure Programming Practices in C++: Prefer C++ to C
- Secure Programming Practices in C++: Resource Management
- Secure Programming Practices in C++: Avoid the Pitfalls
- Secure Programming Practices in C++: Functionality

Insecure Coding 101

Vulnerabilities

- Stack Buffer Overflow (CWE-121)
- Heap Buffer Overflow (CWE-122)
- Buffer Underflow (CWE-124)
- Use After Free (CWE-416)
- Double Free (CWE-415)
- Unsigned Integer Wraparound (CWE-190)
- Signed Integer Overflow (CWE-190)
- Numeric Truncation (CWE-197)
- Incorrect Type Conversion (CWE-704)
- Uncontrolled Format String (CWE-134)

Tools and Techniques

- Exploitation: Stack Overflow Exploit, Return Oriented Programming and Format String Exploit
- Vulnerability Mitigation: Static Analysis, Warnings, Sanitizers and Fuzzers
- Platform Mitigation: Stack Canaries, Address Space Layout Randomization (ASLR), Non-executable memory
