Hacking the Abacus: An Undergraduate Guide to Programming Weird Machines by Michael E. Locasto and Sergey Bratus version 1.0 c 2008-2014 Michael E. Locasto and Sergey Bratus All rights reserved. i WHEN I HEARD THE LEARN’D ASTRONOMER; WHEN THE PROOFS, THE FIGURES, WERE RANGED IN COLUMNS BEFORE ME; WHEN I WAS SHOWN THE CHARTS AND THE DIAGRAMS, TO ADD, DIVIDE, AND MEASURE THEM; WHEN I, SITTING, HEARD THE ASTRONOMER, WHERE HE LECTURED WITH MUCH APPLAUSE IN THE LECTURE–ROOM, HOW SOON, UNACCOUNTABLE,I BECAME TIRED AND SICK; TILL RISING AND GLIDING OUT,I WANDER’D OFF BY MYSELF, IN THE MYSTICAL MOIST NIGHT–AIR, AND FROM TIME TO TIME, LOOK’D UP IN PERFECT SILENCE AT THE STARS. When I heard the Learn’d Astronomer, from “Leaves of Grass”, by Walt Whitman. ii Contents I Overview 1 1 Introduction 5 1.1 Target Audience . 5 1.2 The “Hacker Curriculum” . 6 1.2.1 A Definition of “Hacking” . 6 1.2.2 Trust . 6 1.3 Structure of the Book . 7 1.4 Chapter Organization . 7 1.5 Stuff You Should Know . 8 1.5.1 General Motivation About SISMAT . 8 1.5.2 Security Mindset . 9 1.5.3 Driving a Command Line . 10 II Exercises 11 2 Ethics 13 2.1 Background . 14 2.1.1 Capt. Oates . 14 2.2 Moral Philosophies . 14 2.3 Reading . 14 2.4 Ethical Scenarios for Discussion . 15 2.5 Lab 1: Warmup . 16 2.5.1 Downloading Music . 16 2.5.2 Shoulder-surfing . 16 2.5.3 Not Obeying EULA Provisions . 16 2.6 Lab 2: Discomfort . 18 2.6.1 Guessing Email Passwords . 18 2.6.2 Listening to Network Traffic . 18 2.6.3 Diagnosing network connectivity problems . 18 2.7 Lab 3: Hot Sauce . 19 2.7.1 Doxing and Targeting People . 19 2.7.2 Cyberstalking and Swatting . 19 2.7.3 Vulnerability Disclosure . 19 iii 2.8 Lab 4: Religion and Politics . 21 2.8.1 Downloading Academic Articles . 21 2.8.2 Should You Be an Arms Dealer? . 21 2.9 “On Hackers” . 21 2.9.1 Hacking Is OK and Attack Papers Are Good . 21 2.9.2 Should Knowledge Be Locked Away? . 22 2.9.3 History . 22 2.9.4 Is Hacking Easy? . 22 2.9.5 OPSEC: How Should a Hacker Act? . 23 2.9.6 Teaching Hackers . 23 2.10 Closing Thoughts . 23 3 Host Security 25 3.1 Beat Up Your Operating System . 27 3.1.1 Synopsis . 27 3.1.2 Learning Outcomes . 27 3.1.3 Materials . 27 3.1.4 Description . 28 3.1.5 Notes, Hints, and Recommendations . 29 3.2 Chaining Together Arbitrary Sequences of System Calls . 30 3.2.1 Synopsis . 30 3.2.2 Learning Outcomes . 30 3.2.3 Materials . 31 3.2.4 Description . 31 3.2.5 Notes, Hints, and Recommendations . 31 3.3 Interlude: Tools: A Disassembler Script . 32 3.4 Speaking Machine Language . 34 3.4.1 Synopsis . 34 3.4.2 Learning Outcomes . 34 3.4.3 Materials . 34 3.4.4 Description . 35 3.4.5 Notes, Hints, and Recommendations . 39 3.5 Speaking to the Machine: The System Call Interface . 40 3.5.1 Synopsis . 40 3.5.2 Learning Outcomes . 40 3.5.3 Materials . 40 3.5.4 Description . 40 3.5.5 Notes, Hints, and Recommendations . 45 3.6 Interlude: Program Behavior: System Call Sequences . 47 3.6.1 The strace tool . 47 3.6.2 Applications . 48 3.7 Shellcode . 49 3.7.1 Synopsis . 49 3.7.2 Learning Outcomes . 49 3.7.3 Materials . 49 iv 3.7.4 Description . 49 3.7.5 Notes, Hints, and Recommendations . 51 3.8 Manipulating the ELF . 52 3.8.1 Synopsis . 52 3.8.2 Learning Objectives . 52 3.8.3 Materials . 52 3.8.4 Description . 52 3.8.5 Notes, Hints, and Recommendations . 56 3.9 Roll Your Own Vulnerability . 57 3.9.1 Synopsis . 57 3.9.2 Learning Outcomes . 57 3.9.3 Materials . 57 3.9.4 Description . 57 3.9.5 Notes, Hints, and Recommendations . 58 3.10 Case Study: A Simple Stack-based Buffer Overflow . 59 3.10.1 Synopsis . 59 3.10.2 Materials . 59 3.10.3 Learning Objectives . 59 3.10.4 Description . 59 3.10.5 Notes, Hints, and Recommendations . 61 3.11 Open-ended Activity: Analyzing Another Vuln . 62 3.11.1 Synopsis . 62 3.11.2 Learning Outcomes . 62 3.11.3 Materials . 62 3.11.4 Description . 62 3.11.5 Notes, Hints, and Recommendations . 62 3.12 Map Your Heap . 63 3.12.1 Synopsis . 63 3.12.2 Learning Outcomes . 63 3.12.3 Materials . 63 3.12.4 Description . 63 3.12.5 Notes, Hints, and Recommendations . 64 3.13 Observing ASLR . 66 3.13.1 Synopsis . 66 3.13.2 Learning Outcomes . 66 3.13.3 Materials . 66 3.13.4 Description . 66 3.13.5 Notes, Hints, and Recommendations . 67 3.14 Capstone: ROP Search . 68 3.14.1 Synopsis . 68 3.14.2 Learning Outcomes . 68 3.14.3 Materials . 68 3.14.4 Description . 68 3.14.5 Notes, Hints, and Recommendations . 69 3.14.6 Related Work . 69 3.15 Capstone: Bug Hunting . 71 v 3.15.1 Synopsis . 71 3.15.2 Learning Outcomes . 71 3.15.3 Materials . 72 3.15.4 Description . 72 3.15.5 Notes, Hints, and Recommendations . 73 3.16 Capstone: Write Your Own Debugger . 75 3.16.1 Synopsis . 75 3.16.2 Learning Outcomes . 76 3.16.3 Materials . 76 3.16.4 Description.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages141 Page
-
File Size-