https://security.cs.pub.ro/summer-school/wiki/ 2026-04-24T12:55:59+00:00 https://security.cs.pub.ro/summer-school/wiki/ https://security.cs.pub.ro/summer-school/wiki/_media/wiki/dokuwiki.svg text/html 2020-07-19T09:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://security.cs.pub.ro/summer-school/wiki/session/extra/advanced-attacks?rev=1595152140&do=diff 0x0E. Topics on Advanced Attacks Slides Tutorials Install angr. See <http://angr.io/install.html> Download Switch to task-0 and first analyze the binary manually (IDA, gdb, etc). Then analyze the Angr solver: where the state starts, the avoided branches and the target state. Check that it works as expected. text/html 2020-07-19T09:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://security.cs.pub.ro/summer-school/wiki/session/extra/fuzzing?rev=1595152140&do=diff 0x0C. Fuzzing Slides Slides are available [here]. Tutorials Introduction Fuzzing is a technique for testing certain kinds of software by feeding the target with thousands of random generated inputs. From now on, the target is the software program that we test using the fuzzer. Fuzzing is used by companies to test their internal developed software, or by security companies to analyze interesting pieces of software(delivered as binaries). text/html 2020-07-19T09:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://security.cs.pub.ro/summer-school/wiki/session/extra/heartbleed-poc?rev=1595152140&do=diff 0x0Cb. Heartbleed Proof of Concept Information Leak In the context of binary exploitation, information leakage attacks are based on bugs such as integers overflows, or unchecked bounds, and can be used to leak the memory contents of a process. Using this kind of attack we can overcome some protection mechanism that we just studied. We could leak stack canaries and then use them to successfully overflow the stack, or we could leak addresses from the stack or other structures, thus defeating ASL… text/html 2020-07-19T09:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://security.cs.pub.ro/summer-school/wiki/session/extra/preventing-vulnerabilities?rev=1595152140&do=diff 0x0D. Preventing Vulnerabilities Slides Tutorials Sanitizing Input Invalid input may cause a program to crash. Input may also consists of content that is able to exploit vulnerabilities in programs; among the most famous forms of input that causes exploits is text/html 2020-07-19T09:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://security.cs.pub.ro/summer-school/wiki/session/extra/start?rev=1595152140&do=diff Extra extra index text/html 2020-07-19T09:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://security.cs.pub.ro/summer-school/wiki/session/extra/stateful-fuzzing?rev=1595152140&do=diff 0x07b. Stateful Fuzzing Slides The slides ca be found over [here] Tutorials Stateful Fuzzing When doing stateful fuzzing, our protocol message requests aren't independent any more from one another and must be sent in a specific order so as to carry out the fuzzing process. This type of ordering leads to a natural representation of the state machine as a graph with message requests being represented as nodes and sequencing between messages as edges. text/html 2020-07-19T09:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://security.cs.pub.ro/summer-school/wiki/session/extra/stateless-fuzzing?rev=1595152140&do=diff 0x07. Stateless Fuzzing Slides The slides can be found [here]. Tutorials “To fuzz or not to fuzz ?” Fuzzing is a software testing technique, often automated, that involves providing invalid, unexpected or random data as input to a program. From a security perspective, it's imperative for discovering new software vulnerabilities in applications where you don't have access to the underlying source code and even in applications where you do have the source code. The phases of the fuzzing proce… text/html 2020-07-19T09:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://security.cs.pub.ro/summer-school/wiki/session/extra/windows-security?rev=1595152140&do=diff Extra: Windows Security Mechanics Slides You can find the slides [here.] Tutorials This session will provide a quick intro into Windows Land. We will first explore the windows PE (Portable Executable) file format. On key elements we will try and present the differences between it and what