Software Security Study Group Report
This week started with a brief summary of the previous week, glancing through its slides and questions. We first studied and finished the cryptography topics, then moved on to software security.
We reviewed:
Single-message and multi-message secrecy, and the problems with same-key encryption
CPA (Chosen Plaintext Attacks) and CPA security from pseudorandom functions
Secrecy and the implementation of the one-time pad with random numbers
Modes of encryption (CTR, CBC, ECB) https://www.cs.columbia.edu/~smb/classes/s09/l05.pdf
Example problems with ECB and the Tux penguin (https://blog.filippo.io/the-ecb-penguin/)
CCA (Chosen Ciphertext Attacks) and CCA security
Experiments to test CPA and CCA security
Arbitrary-length messages and padding oracle attacks
Pseudorandom functions and block ciphers
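The padding oracle attack listed above, worked through as an added example (this is not code from the study group or the linked slides): CBC mode with PKCS#7 padding, a decryption routine whose "bad padding" error is all the attacker can observe, and the byte-by-byte recovery that error enables, which is also the textbook case of a chosen-ciphertext attack against a CPA-secure scheme. To run with the Python standard library only, the block cipher is a toy 4-round Feistel network built on SHA-256; that cipher, the key, IV and message are assumptions made here, and the attack itself touches only the mode, so it works unchanged against real AES-CBC.

```python
import hashlib

BLOCK = 16

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):  # Feistel round function: keyed SHA-256, 8-byte output
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def toy_encrypt_block(key, block):
    # Toy 4-round Feistel on 16-byte blocks: a demo assumption, NOT a secure
    # cipher. The attack below depends only on the mode, not on the cipher.
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, xor(l, _f(key, rnd, r))
    return l + r

def toy_decrypt_block(key, block):
    l, r = block[:8], block[8:]
    for rnd in reversed(range(4)):
        l, r = xor(r, _f(key, rnd, l)), l
    return l + r

def pad(msg):  # PKCS#7
    n = BLOCK - len(msg) % BLOCK
    return msg + bytes([n]) * n

def unpad(data):
    n = data[-1]
    if n < 1 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cbc_encrypt(key, iv, msg):
    out, prev = [], iv
    for b in blocks(pad(msg)):
        prev = toy_encrypt_block(key, xor(b, prev))
        out.append(prev)
    return iv + b"".join(out)

def cbc_decrypt(key, data):  # raises ValueError on bad padding: the oracle
    iv, body = data[:BLOCK], data[BLOCK:]
    out, prev = [], iv
    for c in blocks(body):
        out.append(xor(toy_decrypt_block(key, c), prev))
        prev = c
    return unpad(b"".join(out))

def padding_oracle_attack(oracle, ct):
    # Recover the plaintext of iv || C1 || ... || Cn with only a yes/no padding
    # oracle: learn D_k(Ci) byte by byte, right to left, by forging the block
    # fed in as its predecessor, then XOR with the real predecessor.
    bs = blocks(ct)
    plain = b""
    for prev, cur in zip(bs, bs[1:]):
        inter = bytearray(BLOCK)  # D_k(cur), filled in from the right
        for pos in range(BLOCK - 1, -1, -1):
            padval = BLOCK - pos
            forged = bytearray(BLOCK)
            for j in range(pos + 1, BLOCK):
                forged[j] = inter[j] ^ padval  # known tail decrypts to padval
            for guess in range(256):
                forged[pos] = guess
                if not oracle(bytes(forged) + cur):
                    continue
                if pos == BLOCK - 1:
                    # Reject an accidental 0x02 0x02 (or longer) valid padding:
                    # disturb the byte before; a genuine 0x01 still passes.
                    probe = bytearray(forged)
                    probe[pos - 1] ^= 0x80
                    if not oracle(bytes(probe) + cur):
                        continue
                inter[pos] = guess ^ padval
                break
            else:
                raise RuntimeError("oracle accepted nothing: not a padding oracle?")
        plain += xor(bytes(inter), prev)
    return unpad(plain)

# Constructed demo inputs (assumptions, not from the report).
KEY = b"study-group-key"
IV = bytes(range(BLOCK))
MESSAGE = b"attack at dawn; keep this secret!"

def padding_oracle(data):  # all a leaky server reveals: "padding ok?"
    try:
        cbc_decrypt(KEY, data)
        return True
    except ValueError:
        return False

def demo():
    ct = cbc_encrypt(KEY, IV, MESSAGE)
    return padding_oracle_attack(padding_oracle, ct)
```

The attacker never calls cbc_decrypt with the key directly; the only interface used is padding_oracle, and the plaintext comes back in at most 256 queries per byte. The fix on the server side is to authenticate the ciphertext (a MAC or an AEAD mode) and reject it before any padding is examined, so the padding error is never observable.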
We reviewed ROP (Return Oriented Programming) and three defense models (https://www.coursera.org/learn/software-security/lecture/vjGZA/return-oriented-programming-rop):
Making the stack/heap non-executable
Using ASLR (Address Space Layout Randomization)
Not using libc code at all
Tools to execute and trace such attacks (gdb + peda, radare2, IDA, OllyDbg, ropchain, Python + pwn (pwntools), etc.) (https://en.wikipedia.org/wiki/List_of_debuggers)
The topic of week 3 was web security, which basically consists of (https://www.coursera.org/learn/software-security/home/week/3):
Cross-site request forgery (CSRF) and cross-site scripting (XSS)
Tools for executing the discussed attacks (such as sqlmap)
We reviewed some basics of how the Web is structured, then discussed the similarity between SQL injection and memory overflow attacks, which rest on the same logic: getting our own code run in the place of data, where the program expects input data.
We spent the rest of the day solving CTF questions from the previous week (https://www.pwndiary.com/write-ups/backdoorctf2017-just-do-it-write-up-pwn250/) and hacking Samed's server (http://cildir.gq/exploit/). Some of the programs we used: gdb, edb, r2, ROPgadget, pwntools and IDA Pro.
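The "code where data was expected" point, as an added runnable example (not the group's own code): a login query that splices user input into the SQL text, beside the parameterized version, run against a SQLite database constructed in memory for the demo. The table, the accounts and the two payloads are assumptions made here.

```python
import sqlite3

def make_db():
    # Constructed demo database (an assumption, not from the report).
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (name TEXT, password TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)",
                    [("alice", "wonderland"), ("bob", "builder")])
    return con

def login_vulnerable(con, name, password):
    # Input is pasted into the query text, so the database parses it as SQL:
    # the same data-treated-as-code confusion as a stack-smashing input.
    query = ("SELECT name FROM users WHERE name = '%s' AND password = '%s'"
             % (name, password))
    return [row[0] for row in con.execute(query)]

def login_safe(con, name, password):
    # Bound parameters: the query structure is fixed before the input is seen,
    # so quotes and comment markers in the input stay plain data.
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in con.execute(query, (name, password))]

COMMENT_PAYLOAD = "alice' --"        # closes the string, comments out the rest
TAUTOLOGY_PAYLOAD = "' OR '1'='1"    # makes the WHERE clause true for every row

def sqli_demo():
    con = make_db()
    return {
        "vuln_comment": login_vulnerable(con, COMMENT_PAYLOAD, "wrong"),
        "vuln_tautology": login_vulnerable(con, "nobody", TAUTOLOGY_PAYLOAD),
        "safe_comment": login_safe(con, COMMENT_PAYLOAD, "wrong"),
        "safe_tautology": login_safe(con, "nobody", TAUTOLOGY_PAYLOAD),
        "safe_real": login_safe(con, "bob", "builder"),
    }
```

With the vulnerable query the comment payload logs in as alice without a password and the tautology payload returns every user; with bound parameters both payloads are looked up literally as names and match nothing, while a genuine login still works. This is the same reason a bounds-checked copy stops a stack overflow: the program decides the structure (query shape, buffer length) before the attacker's bytes are read.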
See you next week!