forked from cliffe/SecGen
-
Notifications
You must be signed in to change notification settings - Fork 0
/
1_c_asm_iof.xml
119 lines (100 loc) · 5.03 KB
/
1_c_asm_iof.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<name>Understanding Software Vulnerabilities: C, Debugging Assembly, and Buffer Overflows</name>
<author>Z. Cliffe Schreuders</author>
<description>
# Introduction
This lab provides an introduction to the fundamental concepts of software vulnerabilities, programming in C, and debugging assembly code. It emphasizes the importance of secure coding and understanding the potential security flaws that can arise due to programming errors. In this lab, you will learn how small programming mistakes can result in software vulnerabilities with serious consequences. You will explore two main categories of software flaws: design problems and implementation problems. Common programming errors leading to security flaws, such as memory errors, input handling, and misuse of pointers and strings, will be discussed.
You will dive into programming in C, debugging assembly code using GDB, and understanding the stack structure in memory. You will create and compile simple C programs, explore the basics of assembly code, and learn to use GDB for debugging. The lab includes practical tasks, such as writing and running C programs, analyzing assembly code, and identifying security vulnerabilities in the code. You'll experiment with different inputs to understand how software vulnerabilities can be exploited and how to fix them, using secure coding practices. By the end of the lab, you will have a better grasp of software vulnerabilities and the tools and techniques for identifying and addressing them in C programs.
Overall, this lab serves as a foundational module for understanding software security, highlighting the critical role of secure coding practices and the potential consequences of software vulnerabilities.
In your home directory you will find some binaries that you need to reverse engineer in order to determine the password that the program expects. Once you have found the password, run the program and enter the password to receive the flag.
</description>
<lab_sheet_url>https://docs.google.com/document/d/1AxTve1RBzqvdPxt8Wziga2x2e3lZp4k5YsMq3KxkXzM/edit?usp=sharing</lab_sheet_url>
<type>ctf-lab</type>
<type>lab-sheet</type>
<difficulty>intermediate</difficulty>
<CyBOK KA="SS" topic="Categories of Vulnerabilities">
<keyword>Integer overflow</keyword>
</CyBOK>
<CyBOK KA="SS" topic="Prevention of Vulnerabilities">
<keyword>language design and type systems</keyword>
</CyBOK>
<video>
<title>Software, Vulnerabilities and Exploits</title>
<by>Tom Shaw</by>
<url>https://youtu.be/jo_07iOplzA</url>
<type>lecture-prerecorded</type>
<CyBOK KA="MAT" topic="Attacks and exploitation">
<keyword>EXPLOITATION</keyword>
</CyBOK>
</video>
<video>
<title>Software Vulnerabilities</title>
<by>Tom Shaw</by>
<url>https://youtu.be/1Hy_166CwRk</url>
<type>lecture-prerecorded</type>
<CyBOK KA="MAT" topic="Attacks and exploitation">
<keyword>EXPLOITATION</keyword>
</CyBOK>
</video>
<system>
<system_name>desktop</system_name>
<base distro="Debian 12" type="desktop" name="KDE"/>
<utility module_path=".*/reversing_tools"/>
<utility module_path=".*/parameterised_accounts">
<input into="accounts" into_datastore="account">
<generator type="account">
<input into="username">
<generator type="random_sanitised_word">
<input into="wordlist">
<value>mythical_creatures</value>
</input>
</generator>
</input>
<input into="password">
<value>tiaspbiqe2r</value>
</input>
<input into="super_user">
<value>false</value>
</input>
</generator>
</input>
</utility>
<utility module_path=".*/kde_minimal">
<input into="autologin_user">
<datastore access="0" access_json="['username']">account</datastore>
</input>
<input into="accounts">
<datastore>account</datastore>
</input>
<input into="autostart_konsole">
<value>true</value>
</input>
</utility>
<utility module_path=".*/handy_cli_tools"/>
<utility module_path=".*/hash_tools"/>
<utility module_path=".*/metactf">
<input into="challenge_list">
<generator type="metactf_challenge">
<input into="challenge_path">
<value>src_csp/Ch1-2/Ch2_03_IntOverflow</value>
</input>
</generator>
</input>
<input into="account">
<datastore>account</datastore>
</input>
</utility>
<network type="private_network" range="dhcp"/>
<input into_datastore="spoiler_admin_pass">
<generator type="strong_password_generator"/>
</input>
<build type="cleanup">
<input into="root_password">
<datastore>spoiler_admin_pass</datastore>
</input>
</build>
</system>
</scenario>