Software Security

Question 1

Buffer Overflow

Answer 1

takes advantage of the stack

Question 2

What is unique about C strings?

Answer 2

null terminating character at the end

Question 3

What directions do strings grow in?

Answer 3

Upwards

Question 4

What direction does the stack grow in?

Answer 4

Downward (from high memory addresses to low memory addresses)

Question 5

What direction does the heap grow in?

Answer 5

Upward

Question 6

Where are the stack and heap in relation to each other?

Answer 6

They share space, but grow in different directions

Question 7

Shell Code

Answer 7

Creates a code that will execute any code

Has same privilege level as the host program that launched it

Question 8

Shell Injection

Answer 8

return address of function is overwritten to point to shell code in the buffer

Question 9

Return-to-libc

Answer 9

return address of function is overwritten to point to a standard library function

Question 10

Heap Overflows

Answer 10

data stored in the heap is overwritten

manipulation using malloc()/free()

Question 11

OpenSSL Heartbleed Vulnerability

Answer 11

Query database for information, setting the length of the return regardless of what the information contains

Question 12

How does a programming language prevent buffer overflow attacks?

Answer 12

Strongly typed, autobound checks, auto memory management

Question 13

What is a drawback of using a programming language to prevent buffer overflow attacks?

Answer 13

Performance suffers

Question 14

If you have to use an unsafe language, what should you do to prevent buffer overflow attacks?

Answer 14

Check inputs, check bounds, perform code analysis

Question 15

How do stack canaries work?

Answer 15

Random integer put before a return address that is checked to see if the buffer has been manipulated

Question 16

How does address space layout randomization work?

Answer 16

Randomizes the memory location of the stack, heap, libc, etc

Can use a non-executable stack with ASLR for added security