http://ocw.cs.pub.ro/courses/ 2026-05-02T14:06:27+03:00 http://ocw.cs.pub.ro/courses/ http://ocw.cs.pub.ro/courses/lib/tpl/arctic/images/favicon.ico text/html 2024-10-10T17:08:05+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-01?rev=1728569285&do=diff * [ Slides] * Keywords: computer network security, operating system security, table of contents, grading, gdb, objdump, assembly, C text/html 2019-10-09T18:53:55+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-02?rev=1570636435&do=diff * Slides * Keywords: static analysis, dynamic analysis, executable, ELF, readelf, section, segment, disassembling, objdump, symbols, linker, process, strace / ltrace, lsof / pmap, perf, GDB, breakpoint, info, examine, ni, si, backtrace, up, down, write, searchmem, dynamic linking, dynamic loading, lazy binding, trampoline, PLT, GOT text/html 2019-10-14T08:49:17+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-03?rev=1571032157&do=diff * Slides * Keywords: address space, stack, push, pop, stack frame, call stack, stack trace, call, ret, buffer, allocation, buffer overflow, return address, NOP sled, shellcode Demos For obtaining the demo archive, run the following commands: text/html 2019-10-27T12:31:26+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-04?rev=1572172286&do=diff * Slides * Keywords: bugs, vulnerabilities, exploit, shellcode, shellcode construction, shellcode triggering, shellcode placing, syscall, null, stack buffer overflow Demos For obtaining the demo archive, run the following commands: wget http://elf.cs.pub.ro/cns/res/lectures/04-exploiting-demo.zip unzip 04-exploiting-demo.zip cd 04-exploiting-demo/ text/html 2019-10-27T12:30:55+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-05?rev=1572172255&do=diff * Slides * Keywords: shellcode data, jump-call trick, alphanumeric shellcode, environment variable, string format attack, return-to-libc, pwntools, shellcraft, data packing, pwntools tubes text/html 2019-11-04T14:14:30+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-06?rev=1572869670&do=diff * Slides * Keywords: exploit, buffer overflow, shellcode, input validation, static analysis, dynamic analysis, code integrity, DEP, ASLR, PIC, PIE, canary value, stack guard text/html 2019-11-11T09:28:35+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-07?rev=1573457315&do=diff * Slides * Keywords: string, character, char, signed char, unsigned char, NTBS, null character, character operators, string operations, bounds, overflow, truncation, sanitization, gets, exploit, input validation, memory model, text/html 2019-12-07T14:07:27+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-08?rev=1575720447&do=diff * Slides * Keywords: DEP, code reuse, return-to-libc, ROP, ROP gadget, ROP chain, ROPgadget Demo Demo archive text/html 2019-12-07T14:08:15+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-09?rev=1575720495&do=diff * Slides * Keywords: multi-phase attack, ASLR bypass, ROP chain, stack pivoting Demo Demo archive text/html 2019-12-07T23:22:20+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-10?rev=1575753740&do=diff Heap Exploitation lecture - Markus Gaaseedelen, CSCI 4968, Sprint 2015 Demo archive text/html 2022-12-11T17:59:43+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-11?rev=1670774383&do=diff * Slides * Keywords: CVE-2022-0847 * Support archive text/html 2022-01-25T18:06:36+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-12?rev=1643126796&do=diff * Slides * Keywords: CVE-2017-5123 * Support Archive text/html 2017-10-29T19:37:00+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/lecture-13?rev=1509298620&do=diff * Slides * Keywords: binary analysis, fuzzing, smart fuzzing, mutation, guided fuzzing, Sulley, SPIKE, libfuzzer, AFL, zzuf, symbolic execution, memory model, execution model, Angr, KLEE, S2E text/html 2015-09-22T16:35:32+03:00 http://ocw.cs.pub.ro/courses/cns/lectures/start?rev=1442928932&do=diff Lectures for the Computer and Networks Security class. lectures index