Add citation for images
This commit is contained in:
Valentin Brandl
parent
f13b2fb4be
commit
60d931f34e
@ -51,6 +51,14 @@ year={2007}
|
||||
urldate = {2022-09-28},
|
||||
}
|
||||
|
||||
@unpublished{spg,
|
||||
Author = {Skornia, Christoph},
|
||||
Institution = {OTH Regensburg},
|
||||
Howpublished = {University Lecture},
|
||||
Year = {2021},
|
||||
Title = {Secure Programming --- Input Validation},
|
||||
}
|
||||
|
||||
@misc{directoryStructure,
|
||||
title = {Classic SysAdmin: The Linux Filesystem Explained},
|
||||
Institution = {The Linux Foundation},
|
||||
|
||||
37
bof.tex
37
bof.tex
@ -120,23 +120,31 @@
|
||||
|
||||
\section{Stack Layout, Execution Flow}
|
||||
\begin{frame}
|
||||
\frametitle{Stack Layout}
|
||||
\includegraphics[width=.30\textwidth]{stack.png}
|
||||
\frametitle{Stack Layout}
|
||||
\begin{figure}
|
||||
\centering
|
||||
\includegraphics[width=.25\textwidth]{stack.png}
|
||||
\caption{Stack Layout~\cite{spg}}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Stack Layout}
|
||||
\includegraphics[width=.60\textwidth]{stack_overflow.png}
|
||||
\frametitle{Stack Layout}
|
||||
\begin{figure}
|
||||
\centering
|
||||
\includegraphics[width=.60\textwidth]{stack_overflow.png}
|
||||
\caption{Buffer Overflow~\cite{spg}}
|
||||
\end{figure}
|
||||
\end{frame}
|
||||
|
||||
\begin{frame}
|
||||
\frametitle{Execution Flow}
|
||||
\begin{itemize}
|
||||
\frametitle{Execution Flow}
|
||||
\begin{itemize}
|
||||
\item Beim Aufruf einer Funktion, aktuelle Adresse auf Stack
|
||||
\item \emph{\Ac{ip}} auf Adresse der aufgerufenen Funktion
|
||||
\item Bei \mintinline{c}{return}, Stack Frame wiederherstellen, Adresse von Stack in \emph{\Ac{ip}}
|
||||
\item Was wenn die Adresse auf dem Stack überschrieben wurde?
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\section{Exkurs: Shellcode}
|
||||
@ -153,34 +161,33 @@
|
||||
\item \url{https://www.exploit-db.com/shellcodes}
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
% \frametitle{Exkurs: Shellcode}
|
||||
\end{frame}
|
||||
|
||||
\section{Exploitation}
|
||||
\begin{frame}
|
||||
\frametitle{Code Execution}
|
||||
\begin{itemize}
|
||||
\frametitle{Code Execution}
|
||||
\begin{itemize}
|
||||
\item Shellcode im Speicher plazieren
|
||||
\item Buffer überschreiben
|
||||
\item \emph{\Ac{ip}} überschreiben
|
||||
\item \emph{\Ac{ip}} auf Shellcode zeigen lassen
|
||||
\end{itemize}
|
||||
\end{itemize}
|
||||
\end{frame}
|
||||
|
||||
\section{Aktuelles Beispiel}
|
||||
\begin{frame}
|
||||
\frametitle{Beispiel in freier Wildbahn}
|
||||
\begin{description}
|
||||
\frametitle{Beispiel in freier Wildbahn}
|
||||
\begin{description}
|
||||
\item[\emph{Chromium}] Heap Buffer Overflown WebGPU: \emph{CVE-2022-1483}~\cite{CVE-2022-1483}
|
||||
\item[\emph{Linux Kernel}] Heap Buffer Overflow durch Integer Overflow: \emph{CVE-2022-39842}~\cite{CVE-2022-39842}
|
||||
\item[\emph{MPlayer}] Buffer Overflow beim lesen von AVI und MPEG Headern: \emph{CVE-2022-38866}~\cite{CVE-2022-38866}, \emph{CVE-2022-38864}~\cite{CVE-2022-38864}
|
||||
\item[\emph{GNU Binutils}] Heap Buffer Overflow in \emph{strip}: \emph{CVE-2022-38533}~\cite{CVE-2022-38533}
|
||||
\end{description}
|
||||
\end{description}
|
||||
\end{frame}
|
||||
|
||||
\section{Aktuelle Situation}
|
||||
\begin{frame}
|
||||
\frametitle{Migrationen}
|
||||
\frametitle{Migrationen}
|
||||
\begin{itemize}
|
||||
\item \Ac{aslr}
|
||||
\item \emph{w\^{}x} Memory
|
||||
|
||||
Loading…
Reference in New Issue
Block a user