Differences
This shows you the differences between two versions of the page.
|
cns:lectures:lecture-09 [2014/11/30 18:06] razvan.deaconescu |
cns:lectures:lecture-09 [2019/12/07 14:08] (current) razvan.deaconescu |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Lecture 09 - Encryption. Hashing. APIs ====== | + | ====== Lecture 09 - Code Reuse (part 2) ====== |
| - | * [[http://elf.cs.pub.ro/cns/res/lectures/lecture-09.pdf | Slides]] | + | * [[http://elf.cs.pub.ro/cns/res/lectures/09-code-reuse-2-handout.pdf|Slides]] |
| - | * **Keywords**: encryption, symmetric encryption, public key encryption, digital signatures, hash, fingerprinting, certificate, RSA, MAC, ''openssl'', ''gnutls'', ''crypt'', ''libgcrypt'', ''botan'', side channel attack, Heartbleed | + | * **Keywords**: multi-phase attack, ASLR bypass, ROP chain, stack pivoting |
| <html> | <html> | ||
| - | <iframe src="http://docs.google.com/viewer?url=http://elf.cs.pub.ro/cns/res/lectures/lecture-09.pdf&embedded=true" width="600" height="470" style="border: none;"></iframe> | + | <center> |
| + | <iframe src="https://docs.google.com/viewer?url=http://elf.cs.pub.ro/cns/res/lectures/09-code-reuse-2-handout.pdf&embedded=true" width="600" height="470" style="border: none;"></iframe> | ||
| + | </center> | ||
| </html> | </html> | ||
| - | ===== Demos ===== | + | ===== Demo ===== |
| - | For demos, we will use the [[http://elf.cs.pub.ro/cns/res/lectures/lecture-09-demo.zip|demo archive]]. We will a Linux system to run the demos. We download the archive using the command<code bash> | + | [[http://elf.cs.pub.ro/oss/res/lectures/09-code-reuse-2-demo.zip|Demo archive]] |
| - | wget http://elf.cs.pub.ro/cns/res/lectures/lecture-09-demo.zip | + | |
| - | </code/> | + | |
| - | and then we unpack the archive<code bash> | + | |
| - | unzip lecture-09-demo.zip | + | |
| - | </code> | + | |
| - | and then access the demo folder that resulted after the unpack operation<code bash> | + | |
| - | cd lecture-09-demo/ | + | |
| - | </code> | + | |
| - | We will now pass through the demos below. | + | |
| - | The demos show various ways of using the RSA algorithm: generating keys, encrypting a message and decrypting the message. | + | /* |
| - | ==== RSA in the Shell ==== | + | ====== Lecture 09 - Strings ====== |
| - | TODO | + | * [[http://elf.cs.pub.ro/cns/res/lectures/lecture-09.pdf | Slides]] |
| - | + | * **Keywords**: string, character, ''char'', ''signed char'', ''unsigned char'', NTBS, null character, character operators, string operations, bounds, overflow, truncation, sanitization, ''gets'', exploit, input validation, memory model, | |
| - | ==== RSA in C ==== | + | |
| - | TODO | + | <html> |
| - | + | <center> | |
| - | ==== RSA in Python ==== | + | <iframe src="https://docs.google.com/viewer?url=http://elf.cs.pub.ro/cns/res/lectures/lecture-09.pdf&embedded=true" width="600" height="470" style="border: none;"></iframe> |
| + | </center> | ||
| + | </html> | ||
| - | TODO | + | */ |
