CSE4481

User Tools

Site Tools

You are here: CSE 4481 4.0 - Computer Security Laboratory » CSE 4481 Labs
Trace:
labs

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
labs [2014/02/10 19:13] marklabs [2014/03/26 02:37] (current) mark
Line 43: Line 43:
   * **Password Crackers**  [[wp>John_the_Ripper|John the Ripper]] [[http://ophcrack.sourceforge.net/|ophcrack]]   * **Password Crackers**  [[wp>John_the_Ripper|John the Ripper]] [[http://ophcrack.sourceforge.net/|ophcrack]]
   * **Password Dumping Utilities**  [[wp>|Pwdump]] [[http://www.foofus.net/~fizzgig/fgdump/|fgdump]]   * **Password Dumping Utilities**  [[wp>|Pwdump]] [[http://www.foofus.net/~fizzgig/fgdump/|fgdump]]
-  * **Lecture**  +  * **Lecture**  {{:lab3.ppt|Slides}}
- +
-{{:lab3.ppt|Slides}}+
  
 ====== Lab 04 ====== ====== Lab 04 ======
Line 55: Line 53:
   * **Dynamic linker**  [[wp>Dynamic_linker|Dynamic linker]] [[http://www.yolinux.com/TUTORIALS/LibraryArchives-StaticAndDynamic.html|Static, Shared Dynamic and Loadable Linux Libraries   * **Dynamic linker**  [[wp>Dynamic_linker|Dynamic linker]] [[http://www.yolinux.com/TUTORIALS/LibraryArchives-StaticAndDynamic.html|Static, Shared Dynamic and Loadable Linux Libraries
 ]] [[wp>DLL_injection|DLL Injection]] ]] [[wp>DLL_injection|DLL Injection]]
-  * **Lecture**  +  * **Lecture** {{:lab4.ppt|Slides}}  
- +
-<html> +
-<!-- +
- +
-{{:lab4.ppt|Slides}}  +
  
  
Line 68: Line 61:
 ===== Helpful material ===== ===== Helpful material =====
     * **Tools**  [[wp>Nikto_Web_Scanner|Nikto]] [[http://www.parosproxy.org/|Paros Proxy]]  [[wp>OpenVAS|OpenVAS]] [[wp>Metasploit_Project|Metasploit]]     * **Tools**  [[wp>Nikto_Web_Scanner|Nikto]] [[http://www.parosproxy.org/|Paros Proxy]]  [[wp>OpenVAS|OpenVAS]] [[wp>Metasploit_Project|Metasploit]]
-    * **Lecture** {{:lab5.ppt|Slides}}    +    * **Lecture** {{:lab5.ppt|Slides}} 
- +
- +
  
 +  
 ====== Lab 06 ====== ====== Lab 06 ======
 The goal of the {{:lab06.pdf|Lab 06}} is to gain first-hand experience on different types of overflow vulnerabilities. Such vulnerabilities can be utilized by a malicious user to alter the flow control of the program, even execute arbitrary pieces of code. For instance, buffer overflow vulnerability arises due to the mixing of the storage for data (e.g. buffers) and the storage for controls (e.g. return addresses): an overflow in the data part can affect the flow of the program, because an overflow can change the return address and as a result enable execution of malicious code The goal of the {{:lab06.pdf|Lab 06}} is to gain first-hand experience on different types of overflow vulnerabilities. Such vulnerabilities can be utilized by a malicious user to alter the flow control of the program, even execute arbitrary pieces of code. For instance, buffer overflow vulnerability arises due to the mixing of the storage for data (e.g. buffers) and the storage for controls (e.g. return addresses): an overflow in the data part can affect the flow of the program, because an overflow can change the return address and as a result enable execution of malicious code
Line 79: Line 70:
     * **Tools**   [[wp>Metasploit_Project|Metasploit]] [[http://www.gnu.org/software/gdb/|gdb]]     * **Tools**   [[wp>Metasploit_Project|Metasploit]] [[http://www.gnu.org/software/gdb/|gdb]]
     * **Papers** [[http://insecure.org/stf/smashstack.html|Smashing the Stack]] [[http://www.radarhack.com/tutorial/metasploit_for_dummies.pdf|Metasploit for dummies]] [[http://dougsko.com/msf3/msf3tut.pdf|Developing an Exploit Using the Metasploit Framework]]     * **Papers** [[http://insecure.org/stf/smashstack.html|Smashing the Stack]] [[http://www.radarhack.com/tutorial/metasploit_for_dummies.pdf|Metasploit for dummies]] [[http://dougsko.com/msf3/msf3tut.pdf|Developing an Exploit Using the Metasploit Framework]]
-    * **Lecture** {{:lab6.ppt|Slides}}   +    * **Lecture** {{:lab6.ppt|Slides}} 
 + 
 + 
 +   
  
  
Line 90: Line 84:
     * **Tools**   [[wp>Snort_(software)|Snort]] [[http://www.honeyd.org/|honeyd]] [[http://www.honeyd.org/|honeyd]] [[http://labrea.sourceforge.net/labrea-info.html|labrea]]     * **Tools**   [[wp>Snort_(software)|Snort]] [[http://www.honeyd.org/|honeyd]] [[http://www.honeyd.org/|honeyd]] [[http://labrea.sourceforge.net/labrea-info.html|labrea]]
     * **Lecture** {{:lab7.ppt|Slides}}       * **Lecture** {{:lab7.ppt|Slides}}  
- 
- 
- 
  
  
Line 98: Line 89:
  
     * **Rules**    {{:game.ppt|Game}}       * **Rules**    {{:game.ppt|Game}}  
- 
- 
     * **Projects**       * **Projects**  
-        * Team 1   {{:team1.tgz|Project }}  +        * Team 1   {{:team1.zip|Project }}  
-        * Team 2   {{:team2.tgz|Project}}  +        * Team 2   {{:team2.zip|Project}}  
-        * Team 3   {{:team3.tgz|Project}}+        * Team 3   {{:team3.zip|Project}} 
 +        * Team 4   {{:team4.zip|Project}} 
 +        * Team 5   {{:team5.zip|Project}}
  
 +
 +<html>
 +<!--
 --> -->
 </html> </html>
labs.1392059607.txt.gz · Last modified: by mark