Build a fully functional virtual machine from scratch, using Brainfuck as the example language. Covers basic interpreter concepts, optimization techniques, language specialization, and platform-specific tweaks.
Let's turn the table. Suppose your goal is to deliberately create buggy programs in C and C++ with serious security vulnerabilities that can be "easily" exploited. Then you need to know about things like stack smashing, shellcode, arc injection, return-oriented programming. You also need to know about annoying protection mechanisms such as address space layout randomization, stack canaries, data execution prevention, and more. These slides will teach you the basics of how to deliberately write insecure programs in C and C++.
A PDF version of the slides can be downloaded from my homepage: http://olvemaudal.com/talks
Here is a video recording of me presenting these slides at NDC 2014: http://vimeo.com/channels/ndc2014/97505677
Enjoy!
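Network security is a special research field, and one reason is that in network security problems the "adversary" is not text, images, or any other form of lifeless data, but living people. The black hat hackers who create these problems spend their days looking for system and network vulnerabilities, trying to devise ever more sophisticated attacks to obtain whatever benefit they can. In network security research we therefore cannot "presume" what attack behavior hackers will exhibit. We must instead look for traces in real data, and use large volumes of data to discover and address behavior, whether it has already occurred or is about to, that may endanger the security and privacy of users' data. In this talk, I will introduce data-driven network security research and use several real research cases to show what kinds of security problems statistical analysis of real data can help us solve.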
19. Viewing the functions exported by a DLL

    E:\WINNT\system32>dumpbin /exports user32.dll
    Microsoft (R) COFF Binary File Dumper Version 5.00.7022
    Copyright (C) Microsoft Corp 1992-1997. All rights reserved.

    Dump of file user32.dll

    File Type: DLL

      Section contains the following Exports for USER32.dll

               0 characteristics
        336A2A2A time date stamp Sat May 03 01:53:46 1997
            0.00 version
               1 ordinal base
             634 number of functions
             634 number of names

        ordinal hint   name

              1    0   ActivateKeyboardLayout  (00015B1A)
              2    1   AdjustWindowRect  (0000D704)
              3    2   AdjustWindowRectEx  (00007D8E)
              4    3   AnyPopup  (00043ABB)
              5    4   AppendMenuA  (00011F57)
              6    5   AppendMenuW  (0002D7A4)
148. Bookmarking Records

    void DoSomething (const TTable *Tbl)
    {
      TBookmark Bookmark;
      Bookmark = Tbl->GetBookmark();   // Allocate memory and assign a value
      Tbl->DisableControls();          // Turn off display of records in data controls
      try
      {
        Tbl->First();                  // Go to first record in table
        while (!Tbl->Eof)              // Iterate through each record in table
        {
          // Do your processing here ...
          Tbl->Next();
        }
      }
      __finally                        // C++Builder extension: runs on both normal exit and exception,
      {                                // so the cleanup below is never skipped
        Tbl->GotoBookmark(Bookmark);   // Return to the bookmarked record
        Tbl->EnableControls();         // Turn on display of records in data controls
        Tbl->FreeBookmark(Bookmark);   // Deallocate memory for the bookmark
      }
    }