Secure Software Design - Academic year 2019/2020
Course information
Lecturer: Mario Alviano
Office hours: consult my homepage
Notice board
27/05/2020 11:00: Exams and next edition on Microsoft Teams: follow this link
20/12/2019 11:20: Students who have attended at least 70% of the course: download
18/12/2019 10:50: First exam will be at 14:00
29/10/2019 09:15: No lecture on 30/10/2019: notice
Schedule
Lecture Hall: MT15
Lectures
- 02/10/2019 10:30-13:30 - Introduction
- 03/10/2019 08:30-10:30 - Low level attacks - Assembly Language (part 1)
- 09/10/2019 10:30-13:30 - Low level attacks - Assembly Language (part 2)
- 10/10/2019 08:30-10:30 - Low level attacks - Embedded Security exercises (part 1)
- 16/10/2019 10:30-13:30 - Low level attacks - Disassembler and debugger
- 17/10/2019 08:30-10:30 - Low level attacks - Shellcode (part 1)
- 23/10/2019 10:30-13:30 - Low level attacks - Shellcode (part 2)
- 24/10/2019 08:30-10:30 - Protostar - Stack
- 30/10/2019 10:30-13:30 - NO LECTURE
- 31/10/2019 08:30-10:30 - Low level attacks - Format string vulnerabilities and Protostar (part 1)
- 06/11/2019 10:30-13:30 - Low level attacks - Format string vulnerabilities and Protostar (part 2)
- 07/11/2019 08:30-10:30 - Low level attacks - Embedded Security exercises (part 2)
- 13/11/2019 10:30-13:30 - Nebula - Privilege escalation
- 14/11/2019 08:30-10:30 - Narnia - Low level attacks
- 16/11/2019 13:30-18:30 - Exam simulation
- 20/11/2019 10:30-13:30 - NO LECTURE
- 21/11/2019 08:30-10:30 - NO LECTURE
- 27/11/2019 10:30-13:30 - OWASP Top 10
- 28/11/2019 08:30-10:30 - Web Goat - Introduction, HTTP Basics and HTTP Proxies
- 04/12/2019 10:30-13:30 - Web Goat - Injection
- 05/12/2019 08:30-10:30 - Web Goat - Client Side
- 11/12/2019 10:30-14:30 - Web Goat - Broken Authentication, Cross-Site Scripting, Broken Access Control, Sensitive Data Exposure
- 14/12/2019 13:30-18:30 - Exam simulation
Course material
Slides
Introduction: presentation, handout
Low level attacks - Assembly (part 1): presentation, handout, examples
Low level attacks - Assembly (part 2): presentation, handout, examples
Low level attacks - Disassembler and debugger: presentation, handout, examples
Low level attacks - Shellcode: presentation, handout, examples
Low level attacks - Final remarks: presentation, handout, examples
Low level attacks - Format string vulnerabilities (part 1): presentation, handout, examples
Low level attacks - Format string vulnerabilities (part 2): presentation, handout, examples
OWASP Top 10: presentation
Exercises to Solve at Home
Have a look at the end of the slides; some of the solutions written in class can be found here
- Nebula
- Protostar
- Narnia (Over The Wire)
- Embedded security
- Web Goat
SQL Injection on OWASP Mutillidae II up to Client-side Security
- OWASP 2013 | A1 Injection (SQL) | SQLi – Extract Data | User Info (SQL)
- OWASP 2013 | A1 Injection (SQL) | SQLi – Bypass Authentication | Login
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | Add to your blog
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | Register
HTML Injection & XSS on OWASP Mutillidae II up to Client-side Security
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | View Captured Data
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | Add to your blog
- OWASP 2013 | A1 Injection (SQL) | SQLi – Insert Injection | Register
App-Script challenges from root-me.org: the goal is to read the content of the file .passwd
Bash - cron: the crontab of app-script-ch4-cracked runs a script that in turn runs everything in the cron.d directory.
sudo - weak configuration: use sudo -l to list the allowed (and forbidden) commands; the password is in ch1cracked/.passwd
App-System challenges from root-me.org: the goal is to read the content of the file .passwd
Virtual Machine
Material for ASI Workshop on Cyber Security: Virtual Machine (2 GB), slides
Books
- Gray Hat Hacking: The Ethical Hacker's Handbook, Daniel Regalado, Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Branko Spasojevic, Ryan Linn, Stephen Sims
- The CERT Oracle Secure Coding Standard for Java, Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, David Svoboda
- Elementary Information Security, Richard E. Smith
- System Forensics, Investigation and Response, Chuck Easttom
Web Pages
Exams
- 30/01/2020 14:00 - Lab 31/b
- 14/02/2020 09:00 - Lab 31/b
- 08/07/2020 09:00 - Teams - exam format
- 30/07/2020 09:00 - Teams - exam format
- 05/09/2020 09:00 - Teams - exam format
- 18/09/2020 09:00 - Teams - exam format