The course gives an introduction to C programming (incl. the use of pointers and dynamically allocated data), the underlying memory representation on the stack and the heap, and ways to abuse all this (with buffer overflows, integer overflows, and format string attacks). The course also teaches some basic command-line skills in Linux/UNIX, incl. shell scripts and Makefiles.
Lecture: Mondays 13:45-15:30 in HG00.307
Exercise class: Wednesdays 10:45-12:30 in HG00.137 and HG00.625
Required prior knowledge: Imperatief programmeren 1 & 2 (NWI-IPC014, NWI-IPC015) and Processoren (NWI-IPC006)
For this course there are obligatory weekly programming or hacking exercises, which have to be done in pairs. At most one of these exercises may have been marked as nsi (niet serieus ingeleverd, "not seriously handed in") in order for you to take the exam. Exercises have to be handed in via Blackboard.
|Jan 30, college 1|| Intro [SLIDES] and
C-data types and their representation [SLIDES]
Code examples demo-ed in lecture 1
|Feb 1, practicum 1||
The Linux command line, gcc, and make.
[linux-cheat-sheet] [alternative cheat sheet by Felix Stegerman]
Assignment 1, Deadline: February 8, 23:59.
Makefile main.c hello.c addvector.c addvector.h
|Feb 6, college 2|| Alignment, arrays and pointers [SLIDES]
Read Section 9.1 of your 'Problem Solving with C++' book (used in the Imperatief Programmeren course) for another explanation of pointers.
Code examples demo-ed in lecture 2. Compile where_is_data_allocated.c with or without the option -O2 to get gcc to re-align data differently.
|Feb 8, practicum 3|| Memory layout and pointer arithmetic.|
Assignment 2, Deadline: February 15, 23:59.
|Feb 13, college 3|| Pointers (continued) and
memory management: the stack
Code samples demo-ed in the lecture
More info on the stack overflow in Toyotas: here (not exam material!)
A bit childish, but great for revision: Binky pointer fun movie by Nick Parlante
|Feb 15, practicum 4||Playing around on the stack and the heap.|
Assignment 3, Deadline (excl. part 2): Feb 22, 23:59.
NB question 2 of assignment 3 is about material that will only be presented in the lecture of Feb 20, so you can skip that for now, and hand that in as part of assignment 4.
|Feb 20, college 4|| The heap, and more stack and heap issues
overflow, memory leaks, and problems with malloc & free
Code samples demo-ed in the lecture
The XKCD cartoon explaining Heartbleed
|Feb 22, practicum 5||
Memory leaks and attacks. Introduction to gdb.
Assignment 4, Deadline: March 8, 23:59. pwd-normal, pwd-hard
You might find this GDB Quick Reference helpful.
|Feb 27||no lecture because of carnival|
|March 1, practicum 5||no new assignment because of carnival|
|March 6, college 5||Format string attacks and buffer overflows [SLIDES]
Read the tutorial on buffer overflows by Herbert Bos and lecture notes on format strings by Wenliang Du.
A buffer overflow attack is similar to a phreaking attack on the phone system (video): in a buffer overflow attack, malicious input tricks the CPU into doing something; in a phone phreaking attack, malicious input - by whistling! - tricks the phone system into doing something, namely dialing numbers for free.
|March 8, practicum 6||
Assignment 5, Deadline: March 19, 23:59.
If the server hackme.cs.ru.nl should not be reachable, please email Pol van Aubel <email@example.com>.
Some additional tips for the final challenge to hack the server
|March 13, college 6||Buffer overflows: More attacks and some defences (Canaries, non-executable stack, ASLR)|
|March 15, practicum 7||More work on assignment 5.|
|March 20, college 7||Demonstration and discussion of attack on the server (from assignment 5). Root causes|
|Thursday April 6, 8:30-11:30|| exam in HG00.304 and HG00.307
sample exam (We don't provide a sample solution. NB unlike in some earlier years, we will not ask questions about bash scripts in the exam.)
Parts of the course are inspired by material from the SysSec Common Curriculum, and the course is part of the 10K Students Challenge to teach 10 thousand students the basics of software vulnerabilities and secure programming.