(In)Secure C++: Sec Edition

SECURE CODING PRACTICES IN C++

The training will provide its students with:

• knowledge on how to use tools to find vulnerabilities in native applications
• give a hands-on experience in some exploitation techniques

PRACTICAL INFORMATION

• Chat - Slack: Will be setup a week in advance to facilitate resolving of any technical issue
• Exercises - Cloud VMs and a Cyber Dojo cloud instance: guarantees same environment

This training is explicitly targeted at security professionals with some programming experience in C or C++.

GOALS OF THE TRAINING

• Demystify exploitation, show that exploitation is a mindset, not a set of techniques
• Demonstrate the motivation for mitigations in the platforms, languages and tools
• Show that C++ and C are not easy to reason about
• Teach the students to recognize constructs that have a higher risk of having vulnerabilities
• Teach the students which tools can be used to find bugs

TWO-DAY TRAINING

DAY 1 - FINDING VULNERABILITIES USING FUZZING

• Meta: Training
• Theory: Introduction and Specs
• Mitigations: Tooling
• Exploitable: UB and Compiler Optimizations
• Theory: Address Sanitizer
• Exploit: Heartbleed
• Theory: Fuzzing (AFL and libFuzzer)
• Theory: Debugging in gdb

DAY 2 - EXPLOITATION AND WRITING SHELLCODE

• Exploit: Format Strings Vulnerabilities
• Exploit: Stack Buffer Overflow
• Exploit: Shellcode 1
• Exploit: Shellcode 2
• Exploit: Return Oriented Programming (ROP)
• Discussion: Conclusion