Secure Software Design - Academic year 2018/2019
Course information
Lecturer: Mario Alviano
Office hours: consult my homepage
Assistant: Arnel Zamayla
Notice board
18/09/2019 20:10: Edition 2019/2020 of the course will begin on 2 October 2019
15/12/2018 09:30: Students who have attended at least 70% of the course: download
18/10/2018 15:20: Writeups of Protostar Stack updated
Schedule
Lecture Hall: MT15
Lectures
- 26/09/2018 10:30-13:30 - Introduction
- 27/09/2018 08:30-10:30 - Low level attacks - Assembly Language (part 1)
- 03/10/2018 10:30-13:30 - Low level attacks - Assembly Language (part 2)
- 04/10/2018 08:30-10:30 - Low level attacks - Embedded Security exercises (part 1)
- 10/10/2018 10:30-13:30 - Low level attacks - Disassembler and debugger
- 11/10/2018 08:30-10:30 - Low level attacks - Shellcode (part 1)
- 17/10/2018 10:30-13:30 - Low level attacks - Shellcode (part 2)
- 18/10/2018 08:30-10:30 - Protostar - Stack
- 24/10/2018 10:30-13:30 - Low level attacks - Format string vulnerabilities and Protostar (part 1)
- 25/10/2018 08:30-10:30 - Low level attacks - Embedded Security exercises (part 2)
- 31/10/2018 10:30-13:30 - Low level attacks - Format string vulnerabilities and Protostar (part 2)
- 01/11/2018 08:30-10:30 - NO LECTURE
- 07/11/2018 10:30-13:30 - Narnia - Low level attacks
- 08/11/2018 08:30-10:30 - Nebula - Privilege escalation
- 10/11/2018 09:00-13:00 - Exam simulation
- 14/11/2018 10:30-13:30 - Java - IDS, OBJ, EXP
- 15/11/2018 08:30-10:30 - Java - NUM, MET, ERR
- 21/11/2018 10:30-13:30 - Web Goat - Introduction, HTTP Basics and HTTP Proxies
- 22/11/2018 08:30-10:30 - Web Goat - Injection Flaws
- 28/11/2018 10:30-13:30 - Web Goat - Authentication Flaws, Cross-Site Scripting, Access Control Flaws, Insecure Communication
- 29/11/2018 08:30-10:30 - Web Goat - Client Side
- 15/12/2018 09:00-13:00 - Exam simulation
Course material
Slides
Introduction: presentation, handout
Low level attacks - Assembly (part 1): presentation, handout, examples
Low level attacks - Assembly (part 2): presentation, handout, examples
Low level attacks - Disassembler and debugger: presentation, handout, examples
Low level attacks - Shellcode: presentation, handout, examples
Low level attacks - Final remarks: presentation, handout, examples
Low level attacks - Format string vulnerabilities (part 1): presentation, handout, examples
Low level attacks - Format string vulnerabilities (part 2): presentation, handout, examples
Java - Input Validation and Data Sanitization (IDS), Object Orientation (OBJ): presentation, handout
Java - Expressions (EXP), Numeric Types and Operations (NUM), Methods (MET), Exceptional Behavior (ERR): presentation, handout
Exercises to Solve at Home
Have a look at the end of the slides; some of the solutions written in class can be found here
- Nebula
- Protostar
- Narnia (Over The Wire)
- Embedded security
SQL Injection on OWASP Mutillidae II up to Client-side Security
- OWASP 2013 | A1 Injection (SQL) | SQLi – Extract Data | User Info (SQL)
- OWASP 2013 | A1 Injection (SQL) | SQLi – Bypass Authentication | Login
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | Add to your blog
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | Register
HTML Injection & XSS on OWASP Mutillidae II up to Client-side Security
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | View Captured Data
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | Add to your blog
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | Register
App-Script challenges from root-me.org: the goal is to read the content of file .passwd
Bash - cron: the crontab of app-script-ch4-cracked runs a script that in turn runs everything in the cron.d directory.
sudo - weak configuration: use sudo -l to list the allowed (and forbidden) commands; the password is in ch1cracked/.passwd
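The two hints above boil down to two enumeration checks: which files in a cron directory can an unprivileged user modify, and which commands does sudo allow without a password. The script below is an added example, not course material or a root-me solution; the directory names, file names and the `sudo -l` text it works on are constructed in the script itself, so it runs offline on any POSIX shell.

```shell
#!/bin/sh
# Added example (not part of the course page): two enumeration checks for
# the cron and sudo privilege-escalation hints.

# Print regular files under a cron directory that are writable by everyone
# (permission bit o+w, POSIX octal 002). Anything the scheduler runs from
# such a directory can be edited by an unprivileged user and will then
# execute with the crontab owner's privileges.
find_world_writable_cron_scripts() {
    find "$1" -type f -perm -002 2>/dev/null
}

# Read the output of `sudo -l` on stdin and print only the commands that
# the policy allows without a password (the NOPASSWD: tag). Each printed
# path is a candidate for escalation if the program can spawn a shell or
# write arbitrary files.
sudo_nopasswd_commands() {
    awk '/NOPASSWD:/ { sub(/.*NOPASSWD:[ \t]*/, ""); print }'
}

# Stand-alone demo on constructed data (no real crontab or sudoers is read).
demo_dir=$(mktemp -d)
printf '#!/bin/sh\necho ok\n' > "$demo_dir/backup.sh"
chmod 644 "$demo_dir/backup.sh"        # owner-writable only: fine
printf '#!/bin/sh\necho ok\n' > "$demo_dir/cleanup.sh"
chmod 666 "$demo_dir/cleanup.sh"       # world-writable: the foothold
echo "World-writable cron scripts:"
find_world_writable_cron_scripts "$demo_dir"
rm -rf "$demo_dir"

# Constructed `sudo -l` output in the usual format (hypothetical user/host).
sample_sudo_l='User app may run the following commands on host:
    (ALL) NOPASSWD: /usr/bin/vim
    (root) /usr/bin/less
    (ALL : ALL) ALL'
echo "Commands allowed without a password:"
printf '%s\n' "$sample_sudo_l" | sudo_nopasswd_commands
```

On a real target, run the first function against the directory the crontab points at and pipe the real `sudo -l` into the second. A world-writable script that root's crontab executes, or a NOPASSWD entry for a program that can run a subshell (editors and pagers such as vim or less can), is exactly the weak configuration the challenge hints describe.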
App-System challenges from root-me.org: the goal is to read the content of file .passwd
Programs
Books
- Gray Hat Hacking: The Ethical Hacker's Handbook, Daniel Regalado, Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Branko Spasojevic, Ryan Linn, Stephen Sims
- The CERT Oracle Secure Coding Standard for Java, Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, David Svoboda
- Elementary Information Security, Richard E. Smith
- System Forensics, Investigation and Response, Chuck Easttom
Web Pages
Exams
- 01/02/2019 9:00 - Lab 31/b
- 11/02/2019 9:00 - Lab 31/b
- 05/07/2019 9:00 - Lab 31/b
- 19/07/2019 9:00 - Lab 31/b
- 18/09/2019 9:00 - Lab 31/b