C Language and Vulnerability Fundamentals

Questions and Answers

What is the primary purpose of shellcode?

  • To execute a command in a shell (correct)
  • To create a vulnerability in a program
  • To create a buffer overflow
  • To debug a program in GDB

What is the difference between a vulnerability and an exploit?

  • An exploit is a fix for a vulnerability
  • A vulnerability is a type of exploit
  • A vulnerability is a weakness that can be exploited, while an exploit is an attack that takes advantage of a vulnerability (correct)
  • An exploit is a type of vulnerability

What is the purpose of ASLR?

  • To prevent buffer overflows
  • To prevent non-executable stack
  • To randomize the location of objects in memory (correct)
  • To prevent stack canaries

What is the effect of an integer overflow?

  • It causes the value to wrap around to a very large or very small number (B)

What is the purpose of a stack canary?

  • To detect buffer overflows (B)

What is the primary difference between a stack and a heap?

  • A stack is used for static allocation, while a heap is used for dynamic allocation (B)

What is the purpose of fuzzing?

  • To detect vulnerabilities in a program (C)

What is the purpose of GDB?

  • To debug a program (A)

What is the primary mechanism by which a threat actor can exploit a buffer?

  • By overflowing the buffer with a large input (B)

Which of the following is a common implication of integer overflow in real-world systems?

  • Unintended changes to system behavior (A)

What is the primary purpose of the main function in C programming?

  • To define the program's entry point (D)

Which of the following GDB tools is used to disassemble executable code?

  • Disas (B)

What is the primary difference between a stack and a heap in terms of memory allocation?

  • Stack is used for static allocation, heap is used for dynamic allocation (D)

Which of the following format string specifiers is commonly used to exploit vulnerabilities?

  • %n (B)

What is the primary purpose of using a safer alternative to vulnerable functions like gets or strcpy?

  • To prevent buffer overflow attacks (B)

Which of the following is a common limitation of fuzzing approaches?

  • Limited code coverage (D)

What is the primary mechanism by which a non-executable stack can prevent exploitation of vulnerabilities?

  • By preventing the execution of shellcode (C)

Which of the following is a common industrial practice for testing software for vulnerabilities?

  • Fuzzing (A)

Study Notes

Week 1: C Language and GDB Tool

  • C Language function syntax, main function syntax, and arguments
  • Data types: integer, float, char, arrays, and declarations
  • Pointers and notation
  • Input and output
  • Conditionals and looping
  • GDB Tool: executing with an executable file, listing and disassembling (disas), breakpoints, and register inspection
  • Vulnerability and exploit definitions: difference between a vulnerability and exploit (and zero day)

Week 2: Integer Overflow

  • Integer types: 8-bit equal to char, signed or unsigned
  • Limits available as MACRO constants
  • Byte sizes of types
  • Effect of integer overflow: wrapping around positive or negative
  • Implications in reality: usually triggered in loop iteration
  • C Language: variable scope and variable types

Week 3: Stacks and Buffers

  • Principle of a stack: stack frame organization, function entry and exit sequence
  • How stacks work during execution and debugging in GDB
  • Buffer and overflow principles: beneficial to a threat actor
  • How buffers can be viewed in GDB: examples from lab

Week 4: Vulnerable Functions and Shellcode

  • Vulnerable functions: gets, strcpy, strcat, sprintf
  • Safer alternatives to these functions
  • Shellcode: aim, usage, and how it works

Week 5: Format Strings

  • Strings vs format strings: format string specifiers
  • Functions: printf and sprintf
  • What makes format strings vulnerable: properties
  • Exploit setup: where does it read from initially?

Week 7: Heap Properties

  • Heap properties and layout: vs the stack
  • Functions using heap space: relation to the stack with variables
  • Structure: chunks

Week 8: Fuzzing Principles

  • Fuzzing principles: why and types
  • Phases and methods of fuzzing
  • Tools used in fuzzing

Week 9: More Fuzzing

  • More fuzzing principles: issues with fuzzing approaches
  • Code coverage: AFL tool

Week 10: Non-Executable Stack and Security

  • Non-executable stack and implications
  • Overrides: W^X, stack canaries, and ASLR
