Introduction to Binary exploitation
Sahana C
csahana95@gmail.com
https://www.linkedin.com/in/sahana-c-69a77576
Introduction
- What is a binary?
- Why do we care about native security?
- Memory management in C/C++ -> Developer's responsibility
- Memory corruption bugs
Source: https://www.zdnet.com/article/programming-language-popularity-c-bounces-back-at-pythons-expense/
What could be the impact if things go wrong?
- Eternal Blue(MS)
Source: https://nakedsecurity.sophos.com/
Let's hack a binary to get admin access!
How to patch the binary?
What are the vulnerabilities?
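Another real world example
Heartbleed vulnerability (CVE-2014-0160)
Source: Malwarebytes blog
Vulnerable copy (length taken from the request without validation):
memcpy(bp, pl, payload);
Bounds check added by the fix:
if (1 + 2 + payload + 16 > s->s3->rrec.length) return 0;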
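The bounds check above, worked through on a simplified heartbeat record. This is an added example, not code from the slides or from OpenSSL; the record layout, `hb_respond`, `hb_overread` and the sample records are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_PADDING  16  /* minimum padding in a heartbeat message */

/* Simplified record: type (1) | payload length (2, big endian) | payload | padding.
 * Writes the response to out; returns its length, or 0 if the record is discarded. */
size_t hb_respond(const uint8_t *rec, size_t rec_len, uint8_t *out, size_t out_cap)
{
    if (rec_len < 1 + 2 + HB_PADDING || rec[0] != HB_REQUEST)
        return 0;                                     /* too short or wrong type */
    size_t payload = ((size_t)rec[1] << 8) | rec[2];  /* length claimed by sender */
    /* The check from the slide: the claimed length must fit inside the bytes
     * actually received, otherwise the memcpy below would read past the record. */
    if (1 + 2 + payload + HB_PADDING > rec_len)
        return 0;
    size_t resp_len = 1 + 2 + payload + HB_PADDING;
    if (resp_len > out_cap)
        return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload);                /* bounded by rec_len now */
    memset(out + 3 + payload, 0, HB_PADDING);         /* zero padding for the demo */
    return resp_len;
}

/* Bytes past the end of the record that an unchecked copy of `payload` bytes
 * would have read (computed only, never performed). */
size_t hb_overread(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < 3) return 0;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    return payload > rec_len - 3 ? payload - (rec_len - 3) : 0;
}

int main(void)
{
    /* Constructed samples: a 20-byte record claiming 0x4000 payload bytes, and an honest one. */
    uint8_t bad[20]  = {HB_REQUEST, 0x40, 0x00, 'A'};
    uint8_t good[23] = {HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g'};
    uint8_t out[64];
    printf("bad:  response=%zu overread=%zu\n",
           hb_respond(bad, sizeof bad, out, sizeof out), hb_overread(bad, sizeof bad));
    printf("good: response=%zu overread=%zu\n",
           hb_respond(good, sizeof good, out, sizeof out), hb_overread(good, sizeof good));
}
```

The malformed record is dropped instead of being answered with adjacent memory, while the well-formed one is echoed back unchanged.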
How to get started?
- https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN
- https://ctf101.org/
- https://dhavalkapil.com/blogs/Buffer-Overflow-Exploit/
- https://pwnable.xyz/
Tools
- Debugger - pwndbg https://github.com/pwndbg/pwndbg
- Participate in CTFs
Security of Voice Controlled Systems
Agenda
- Why is security of VCS important?
- Introduce the different types of attacks targeting voice controlled systems
- Defence mechanisms proposed.
- Future of VCS security.
Voice is the new trend
Juniper estimates 3.25 billion voice assistants in use - 2019
Speech is the natural way of communication
Future trend
What if your voice assistant becomes your nightmare?
- Take control of household equipment.
- Shopping
- Banking
Various attacks
- VoicEmployer - Bypassing Android permissions using voice
- ShouldEndSession
- Skill squatting attack
- Spear skill squatting attack
- Voice morphing attacks
- Hidden command
- Inaudible command - exploiting hardware non-linearity loophole.
Minimizing the risk
- Notifying user
- Challenge response protocol
- Customizing the trigger word
- Communication protocol
Do users intrinsically trust IoT devices more than online websites?
References
- https://www.usenix.org/conference/nsdi18/presentation/roy
- https://nicholas.carlini.com/papers/2016_usenix_hiddenvoicecommands.pdf
- https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_kumar.pdf
Questions?