Linux Exploits & Mitigation: String Vulnerability Analysis

Ubuntu 20.04    |    Intermediate
  • 14 videos | 1h 8m 53s
  • Includes Assessment
  • Earns a Badge
Rating 4.4 of 15 users Rating 4.4 of 15 users (15)
String vulnerabilities are at the core of a wide range of exploits. Being able to recognize, debug, and fix unsafe string manipulation code is essential to avoiding vulnerabilities. In this course, you'll explore how string code can be written safely and how strings vulnerabilities are exploited. You'll look at the most common format string vulnerabilities in the C programming language and what it means to overflow a string buffer. You'll debug string exploits, including vulnerabilities introduced by common string output and manipulation functions. Next, you'll correct common errors, check strings for safety, loop over strings, and see what happens when unsafe strings are executed in a program. Finally, you'll describe how code can be injected via strings and how strings can be returned safely.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Describe how strings are exploited in computer programs
    Illustrate the weaknesses caused by string formatting methods
    Perform a string buffer overflow in a c program
    Apply flags to the gcc compiler to catch string weaknesses by converting warnings into errors
    Recognize and correct weaknesses introduced by poorly implemented string copies
    Recognize and correct common input string vulnerabilities
  • Explore how generating command line string inputs can exploit insecure string methods
    Check input strings for validity and safety
    Perform loops over characters in a string in a safe manner
    Run programs that fail due to unsafe strings
    Describe how strings executed dynamically can lead to vulnerabilities
    Recognize safe and unsafe methods of returning strings in c
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 26s
  • 5m 2s
    Upon completion of this video, you will be able to describe how strings are used in computer programs. FREE ACCESS
  • Locked
    3.  Formatting String Weaknesses
    7m 32s
    After completing this video, you will be able to illustrate the weaknesses caused by string formatting methods. FREE ACCESS
  • Locked
    4.  Overflowing the String Buffer
    7m 45s
    In this video, find out how to perform a string buffer overflow attack in a C program. FREE ACCESS
  • Locked
    5.  Compiling String Weaknesses
    4m 13s
    During this video, you will learn how to apply flags to the gcc compiler to catch string weaknesses by converting warnings into errors. FREE ACCESS
  • Locked
    6.  Copying String Weaknesses
    9m 13s
    Upon completion of this video, you will be able to recognize and correct weaknesses introduced by string copies that are not implemented well. FREE ACCESS
  • Locked
    7.  Catching Input Vulnerabilities
    4m 52s
    Upon completion of this video, you will be able to recognize and correct common input string vulnerabilities. FREE ACCESS
  • Locked
    8.  Generating String Weaknesses
    5m 15s
    In this video, you will explore how generating command line string inputs can exploit insecure string methods. FREE ACCESS
  • Locked
    9.  Checking Strings Safely
    4m 57s
    In this video, you will learn how to check input strings for validity and safety. FREE ACCESS
  • Locked
    10.  Looping Over Strings Safely
    4m 41s
    Learn how to safely perform loops over characters in a string. FREE ACCESS
  • Locked
    11.  Executing Unsafe Strings
    4m 31s
    In this video, you will run programs that fail due to unsafe strings. FREE ACCESS
  • Locked
    12.  Injecting Code in Strings
    3m 5s
    After completing this video, you will be able to describe how strings executed dynamically can lead to vulnerabilities. FREE ACCESS
  • Locked
    13.  Returning Strings Safely
    5m 29s
    After completing this video, you will be able to recognize safe and unsafe methods of returning strings in C. FREE ACCESS
  • Locked
    14.  Course Summary
    52s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course OWASP Top 10: A09:2021-Security Logging & Monitoring Failures
Rating 4.6 of 179 users Rating 4.6 of 179 users (179)
Book Security Strategies in Linux Platforms and Applications, Third Edition
Course CompTIA Linux+: Securing Linux
Rating 4.4 of 18 users Rating 4.4 of 18 users (18)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Linux Exploits & Mitigation: Penetration Tools
Rating 4.0 of 4 users Rating 4.0 of 4 users (4)
Course Working with Google Cloud SQL: An Introduction to Cloud SQL
Rating 4.7 of 37 users Rating 4.7 of 37 users (37)
Course Getting started in Gmail 2023
Rating 4.6 of 56 users Rating 4.6 of 56 users (56)