Add citation for images
parent
f13b2fb4be
commit
60d931f34e
@ -51,6 +51,14 @@ year={2007}
|
|||||||
urldate = {2022-09-28},
|
urldate = {2022-09-28},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@unpublished{spg,
|
||||||
|
Author = {Skornia, Christoph},
|
||||||
|
Institution = {OTH Regensburg},
|
||||||
|
Howpublished = {University Lecture},
|
||||||
|
Year = {2021},
|
||||||
|
Title = {Secure Programming --- Input Validation},
|
||||||
|
}
|
||||||
|
|
||||||
@misc{directoryStructure,
|
@misc{directoryStructure,
|
||||||
title = {Classic SysAdmin: The Linux Filesystem Explained},
|
title = {Classic SysAdmin: The Linux Filesystem Explained},
|
||||||
Institution = {The Linux Foundation},
|
Institution = {The Linux Foundation},
|
||||||
|
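Review bot: The new `@unpublished{spg, ...}` entry has no `note` field, which the standard BibTeX styles require for this entry type. Those styles also do not print `Institution` or `Howpublished` for `@unpublished`, so the rendered reference would likely drop both the lecture and the university. Adding `Note = {University Lecture, OTH Regensburg},` would carry the origin of the figures into the citation itself. This assumes classic BibTeX styles; the bibliography setup is not visible on this page.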
37
bof.tex
37
bof.tex
@ -120,23 +120,31 @@
|
|||||||
|
|
||||||
\section{Stack Layout, Execution Flow}
|
\section{Stack Layout, Execution Flow}
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{Stack Layout}
|
\frametitle{Stack Layout}
|
||||||
\includegraphics[width=.30\textwidth]{stack.png}
|
\begin{figure}
|
||||||
|
\centering
|
||||||
|
\includegraphics[width=.25\textwidth]{stack.png}
|
||||||
|
\caption{Stack Layout~\cite{spg}}
|
||||||
|
\end{figure}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{Stack Layout}
|
\frametitle{Stack Layout}
|
||||||
\includegraphics[width=.60\textwidth]{stack_overflow.png}
|
\begin{figure}
|
||||||
|
\centering
|
||||||
|
\includegraphics[width=.60\textwidth]{stack_overflow.png}
|
||||||
|
\caption{Buffer Overflow~\cite{spg}}
|
||||||
|
\end{figure}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{Execution Flow}
|
\frametitle{Execution Flow}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Beim Aufruf einer Funktion, aktuelle Adresse auf Stack
|
\item Beim Aufruf einer Funktion, aktuelle Adresse auf Stack
|
||||||
\item \emph{\Ac{ip}} auf Adresse der aufgerufenen Funktion
|
\item \emph{\Ac{ip}} auf Adresse der aufgerufenen Funktion
|
||||||
\item Bei \mintinline{c}{return}, Stack Frame wiederherstellen, Adresse von Stack in \emph{\Ac{ip}}
|
\item Bei \mintinline{c}{return}, Stack Frame wiederherstellen, Adresse von Stack in \emph{\Ac{ip}}
|
||||||
\item Was wenn die Adresse auf dem Stack überschrieben wurde?
|
\item Was wenn die Adresse auf dem Stack überschrieben wurde?
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\section{Exkurs: Shellcode}
|
\section{Exkurs: Shellcode}
|
||||||
@ -153,34 +161,33 @@
|
|||||||
\item \url{https://www.exploit-db.com/shellcodes}
|
\item \url{https://www.exploit-db.com/shellcodes}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
% \frametitle{Exkurs: Shellcode}
|
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\section{Exploitation}
|
\section{Exploitation}
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{Code Execution}
|
\frametitle{Code Execution}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Shellcode im Speicher plazieren
|
\item Shellcode im Speicher plazieren
|
||||||
\item Buffer überschreiben
|
\item Buffer überschreiben
|
||||||
\item \emph{\Ac{ip}} überschreiben
|
\item \emph{\Ac{ip}} überschreiben
|
||||||
\item \emph{\Ac{ip}} auf Shellcode zeigen lassen
|
\item \emph{\Ac{ip}} auf Shellcode zeigen lassen
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\section{Aktuelles Beispiel}
|
\section{Aktuelles Beispiel}
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{Beispiel in freier Wildbahn}
|
\frametitle{Beispiel in freier Wildbahn}
|
||||||
\begin{description}
|
\begin{description}
|
||||||
\item[\emph{Chromium}] Heap Buffer Overflown WebGPU: \emph{CVE-2022-1483}~\cite{CVE-2022-1483}
|
\item[\emph{Chromium}] Heap Buffer Overflown WebGPU: \emph{CVE-2022-1483}~\cite{CVE-2022-1483}
|
||||||
\item[\emph{Linux Kernel}] Heap Buffer Overflow durch Integer Overflow: \emph{CVE-2022-39842}~\cite{CVE-2022-39842}
|
\item[\emph{Linux Kernel}] Heap Buffer Overflow durch Integer Overflow: \emph{CVE-2022-39842}~\cite{CVE-2022-39842}
|
||||||
\item[\emph{MPlayer}] Buffer Overflow beim lesen von AVI und MPEG Headern: \emph{CVE-2022-38866}~\cite{CVE-2022-38866}, \emph{CVE-2022-38864}~\cite{CVE-2022-38864}
|
\item[\emph{MPlayer}] Buffer Overflow beim lesen von AVI und MPEG Headern: \emph{CVE-2022-38866}~\cite{CVE-2022-38866}, \emph{CVE-2022-38864}~\cite{CVE-2022-38864}
|
||||||
\item[\emph{GNU Binutils}] Heap Buffer Overflow in \emph{strip}: \emph{CVE-2022-38533}~\cite{CVE-2022-38533}
|
\item[\emph{GNU Binutils}] Heap Buffer Overflow in \emph{strip}: \emph{CVE-2022-38533}~\cite{CVE-2022-38533}
|
||||||
\end{description}
|
\end{description}
|
||||||
\end{frame}
|
\end{frame}
|
||||||
|
|
||||||
\section{Aktuelle Situation}
|
\section{Aktuelle Situation}
|
||||||
\begin{frame}
|
\begin{frame}
|
||||||
\frametitle{Migrationen}
|
\frametitle{Migrationen}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item \Ac{aslr}
|
\item \Ac{aslr}
|
||||||
\item \emph{w\^{}x} Memory
|
\item \emph{w\^{}x} Memory
|
||||||
|
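Review bot: The second new caption, `\caption{Buffer Overflow~\cite{spg}}`, is less specific than the image it labels. The file is `stack_overflow.png`, while the later frame "Beispiel in freier Wildbahn" lists mostly heap overflows, so `\caption{Stack Buffer Overflow~\cite{spg}}` would keep the two classes apart for the audience. Both figure frames still carry `\frametitle{Stack Layout}`, so the caption is currently the only text that tells them apart. Separately, in the context lines of the last hunk, `\frametitle{Migrationen}` above the ASLR and W\^{}X items looks like a typo for `Mitigationen`; that frame continues past the end of the hunk.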