Lecture: Program Analysis and Binary Exploitation

Other:

• Term: Master Computer Science
• Requirements:
• Faculty: MA-INF
• Effort: 2L + 2E / 6CP

Description

Our computers run a lot of closed source binary programs meaning that the source code of those programs is not available. Naturally, those programs contain bugs, mistakes that the programmer made during the development. Those bugs could (under certain circumstances) be exploited by attackers and thus may lead to arbitrary code execution.

In this lecture we aim to teach you how to find well known exploitable bugs and how to exploit them. You will first learn about basic binary program analysis such as static and dynamic analysis. After this introduction we will talk about vulnerability discovery in general meaning that you will learn how to find exploitable bugs by yourself.

Next, we move on to basic stack-based buffer overflows and add mitigation techniques (stack cookies, NX, ASLR, RELRO, ...) as we progress and exploit them as well. After we finished the topic of stack-based buffer overflows we move on to more advanced topics such as format string exploits, heap exploitation, use-after-free exploits and others.

The lecture ends with a complex case study, in more detail, a detailed explanation of an iOS jailbreak.

You should have basic knowledge of the Linux operating system (including Bash) and also know basic Python programming. Additionally, you should have attended the following lectures: "Kommunikation in Verteilten Systemen", "Systemnahe Programmierung" (bonus: Malware Boot Camp and the lecture "Reaktive Sicherheit") or have at least an equivalent knowledge.

Please refer to https://www.seclab-bonn.de/ for any additional information such as slides, exercise sheets and so on! (Note: The website is only available from the University of Bonn network! You can, for example, use sshuttle to tunnel all your traffic through zeus.cs.uni-bonn.de via SSH or use the Computer Science VPN)

Assignment sheets

Assignments	Deadline
Sheet 1	2018-11-01, 11:59:59PM