Dobin 0x51_ExploitMitigations.pdf
Card set details
Cards | 19 |
---|---|
Language | English |
Category | Computer science |
Level | University |
Created / Updated | 24.06.2019 / 28.06.2020 |
Licensing | Not specified |
Web link | https://card2brain.ch/box/20190624_dobin_0x51exploitmitigations_pdf |
What exploit mitigations do you know?
- (ASCII Armor)
- Stack Canary
- ASLR [Address Space Layout Randomization]
- PIE
- DEP [Data Execution Prevention]
What can you do to write secure code?
- Use secure libraries
- Perform Static Analysis of the source code
- Perform Dynamic Analysis of programs
- Perform fuzzing of input vectors
- Have a secure development lifecycle (SDL)
- Manual source code reviews
What two types of protection can be put in place by sysadmins?
- Compile Time Protection
- Runtime Protection
What is required to create an exploit?
- Executable Shellcode
  - Aka "Hacker instructions"
- The distance from the buffer to the SIP (Stored Instruction Pointer)
  - Offset for the overflow
- The address of shellcode
  - in memory of the target process
Name two compile time mitigations.
Compile time mitigations:
- Stack canaries
- PIE
Name some runtime mitigations.
Runtime mitigations:
- ASLR
- DEP
- ASCII Armor
What does DEP stand for and what does it do?
DEP (Data Execution Prevention)
DEP makes the stack not executable.