"The only real security that a man can have in this world is a reserve of knowledge, experience and ability." - H.F.
Lectures
You are required to read and understand this material.
- Week 1: Introduction Slides, An introduction to GDB, source code used in the lecture: a.c, stack.c, basics of memory layout. Remember that before calling a function, we need to push its arguments on the stack (the pushl instructions in the case of the sumNums arguments). The return address is pushed on the stack automatically when the call instruction executes. Then, sumNums needs to store the old ebp register value to be able to restore the old frame. Compile stack.c with the -S flag and try to understand where these things are happening.
- Week 2: Shellcode lecture notes (Updated!), Smashing The Stack For Fun And Profit, Basic Protection Mechanisms, StackGuard and PointGuard compiler extensions to protect against buffer overflows; x86 reference guide.
- Week 3: XSS lecture notes and XSS and SQL notes. Also, the following code can be found in the RedHat VM: xss.html, SQL injections by example and email server example. Check out the /var/www/cgi-bin and /var/www/html/ directories in the VM. Use the VM to play with this code. It will not work here!
- Week 4: Integer Overflows lecture notes, revisited and Basic Integer Overflows. Introduction to Crypto, Slides.
- Week 5: Crypto notes
- Week 6: More Crypto Notes
- Weeks 7,8: System Security Notes. This paper on the STORM botnet is required reading! You will be tested on it. Some additional references:
  - Side channel attacks: video1, video2
  - Extracting information from memory: Volatility
  - On umask in Linux
  - Understanding setuid
  - Obfuscating malware
  - More on rootkits
  - Wireshark
- Week 9: Networking
- Week 10: Network Security notes; Scapy Usage. See and complete the following examples in the BackTrack VM (in order): arp_reader.py, arp_request.py, dns_request.py, icmp_request.py, syn_scan.py
- Week 12: Mobile Security notes