CSC 495/583 Topics of Software Security

2019-Fall Course Website

Advisor: Si Chen

Course Overview

  • The legal aspects of reverse engineering.
  • Assembly language for IA-32 compatible processors and how to read compiler-generated assembly language code.
  • The general principles behind malicious software and how reverse engineering is applied to study such programs.

Expected Background

  • Basic programming concepts (e.g., completion of Java I and II)
  • Knowledge of the C programming language, including pointers, arrays, loops, function calls, etc.
  • Familiarity with Unix/Linux, including the command-line shell and gdb
  • Familiarity with Intel x86 assembly language and architecture
  • Familiarity with web programming concepts (HTML, HTTP, TCP, network communications)

Textbook

No Textbook

Reference books:

  1. Randal E. Bryant, David Richard O'Hallaron, Computer Systems: A Programmer's Perspective, 3rd Edition, ISBN 978-0134092669
  2. Kris Kaspersky, Hacker Disassembling Uncovered, 2nd Edition, ISBN 978-1931769648
  3. Eldad Eilam, Reversing: Secrets of Reverse Engineering, 1st Edition, ISBN 978-0764574818

Course Content

# Date Topic Slides Supporting Materials
Class 1 Aug 26, 2019 Introduction ch01.pptx
Class 2 Aug 28, 2019 IA-32 Register, Byte Ordering, x86 ASM ch02.pptx abexcm1-voiees.exe LittleEndian.exe LittleEndian.cpp HelloWorld.exe
Class 3 Sep 3, 2019 x86 ASM, Stack ch03.pptx Stack.exe stack.py
Lab 0 (6 points) Sep 3, 2019 Lab: Hello World
  Change the text in the pop-up window from "Hello World!" to "Hello Reversing", take a screenshot and upload the image to D2L.
  HelloWorld.exe Windows XP Environment Disclaimer
Class 4 Sep 5, 2019 Stack Frame ch04.pptx StackFrame.exe StackFrame.cpp
Class 5 Sep 10, 2019 Calling Convention, System Call, Introduction to PEDA and Pwntools ch05.pptx cdecl.c stdcall.c cdecl.exe stdcall.exe helloworld.asm shell.asm code.zip 1_sample.c 2_interactive.c 3_reversing.c
Lab 1 (6 points) Sep 10, 2019 Lab: Stack and Stack Frame in Linux lab1.pdf
  • Manjaro Linux (ArchLinux) Environment Username: csc495 Password: csc495
  • lab1.c
Class 6 Sep 12, 2019 Stack Overflow (1) ch06.pptx buffer.c buffer2.c overflow.c
Class 7 Sep 17, 2019 Stack Overflow (2) ch07.pptx hello.asm test.c Shellcode overflow2.c
Class 8 Sep 23, 2019 Stack Overflow Review: Classic Exploitation Technique (with PEDA, Pwntools) & Linux Binary Protections (ASLR, DEP, Stack Canaries) ch08.pptx overflow2.c overflow3.c template.py exploit.py exploit2.py exploit3.py
Lab 2 (6 points) Sep 23, 2019 Lab: Stack Overflow lab2.pdf
  • lab2.c
  • exploit.py
  • Manjaro Linux (ArchLinux) Environment Username: csc495 Password: csc495
Class 9 Sep 25, 2019 Return-oriented programming (ROP) ch09.pptx rop.c exploitROP.py exploitROP_template.py
Class 10 Sep 30, 2019 Return-oriented programming (ROP) (2) ch10.pptx rop.c exploitROP.py rop2.c exploit_ROP2.py
Class 11 Oct 2, 2019 Return-oriented programming (ROP) (3) & Dynamic Linking & Return-to-libc Attack & ASLR ch11.pptx reveal_address.c ret2lib.c ret2lib_Exploit.py niklasb/libc-database
Class 12 Oct 8, 2019 Web Security (1) ch12.pptx
Class 13 Oct 10, 2019 Web Security (2) ch13.pptx
Lab 3 (6 points) Oct 10, 2019 Lab3: Return-oriented programming (ROP) lab3.pdf [Hint]
  • lab3.c
  • lab3_exp.py
  • Manjaro (Arch Linux) 64 Environment Username: csc495 Password: csc495
Class 14 Oct 15, 2019 PLT, GOT & Return-to-plt Attack (Bypassing ASLR/NX) ch14.pptx ret2plt.c ret2plt_Exp.py
Class 15 Oct 17, 2019 GOT Overwrite Attack (1) ch15.pptx bypassGOT.c exp_GOT.py
Reading 1 (10 points) Oct 17, 2019 Reading Question 1: Hacking Blind ReadingQuestion.pdf Hacking Blind paper Project Website
Class 16 Oct 22, 2019 Multi-Stage Exploits ch16.pptx multi_stage.c exp_multi_stage.py

Tutorials and Supporting Materials