Training Details
(In)Security in C++ teaches C++ developers fundamental concepts from exploit development and uses these concepts to demonstrate common vulnerabilities in C++ codebases. This background helps students view their code from an attacker's perspective. They develop a sense of what common vulnerable constructs in C++ look like, and of which tools can help them find the different types of vulnerabilities in their existing codebases.
Training Agenda
Day 1 - Finding Vulnerabilities
The first day is dedicated to learning ways to find vulnerabilities using tooling and fuzzing. We will go through common vulnerable constructs and show which tools can find them and how they can be fixed. We will use fuzzing to find the Heartbleed vulnerability. We round off the day by looking at debugging in gdb, in preparation for the next morning.
Plan for the day:
- Meta: Training
- Theory: Introduction and Specs
- Mitigations: Tooling
- Exploitable: UB and Compiler Optimizations
- Theory: Address Sanitizer
- Exploit: Heartbleed
- Theory: Fuzzing (on Linux)
- Theory: Debugging in gdb
Day 2 - Exploitation
The second day is dedicated to understanding how vulnerabilities can be used in exploitation. We will write shellcode and study traditional stack buffer overflow exploits, and use that to understand the platform mitigations that have been introduced over the years. Finally, we will look at sandboxing on Linux with examples from the Chromium codebase.
Plan for the day:
- Mitigations: Stack Buffer Overflow
- Exploit: Shellcode 1 (on Linux)
- Exploit: Shellcode 2 (on Linux)
- Theory: Reverse Engineering
- Theory: Linux Sandboxing (Examples from Chromium)
- Discussion: Conclusion