Chapter 9 - 01 - Understand Secure Application Design and Architecture - 07_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Application Security Exam 212-82 Secure Coding Practices: Obfuscation/Camouflage Obfuscation/camouflage is a technique used by application developers to secure their code from reverse engineering by attackers It is performed by modifying the application executable to safeguard the code from illicit access, data tampering, license cracking, and intellectual property theft Using this technique, the developer can alter the structure of the program and remove the spaces i 0 1 02 ()3 between lines, encrypt strings, or insert dummy code This process can be performed either manually or by using automated obfuscation techniques without changing the application functionality or program throughput Copyright © by b 04 Al Rights Reserved. Reproduction is Strictly Prohibited Obfuscation/Camouflage Obfuscation or camouflage is a technique used by application developers to secure their code from being reverse engineered by attackers. executable to safeguard the code from It is achieved by modifying the application illicit access, license cracking, data tampering, and intellectual-property theft. This practice uses many programming techniques to obfuscate the source code, making it impractical for human understanding. Using this technique, the developer can alter the structure of the program by changing variables names, function names, and method names; the developer can also remove spaces between lines, metadata, and unused code; encrypt strings; or insert dummy code. This process can be performed either manually or by using automated obfuscation techniques. Although it does not change the application functionality or program throughput, in some cases, it might affect the runtime performance. The obfuscation process is followed in different types of applications such as JAVA, Android, iOS, and.NET. Owing to the easy availability of decompilers and deobfuscation tools to reverse engineer and extract source code from executables, application developers should strictly focus on using obfuscation techniques to protect the application. Attackers also use these types of obfuscation techniques to conceal malicious code. Module 09 Page 1172 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Application Security Exam 212-82 Secure Coding Practices: Code Signing O Code signing is used by software @ Progams and Featun - © publishers/developers to , product updates, or executables O.. This signature ensures the and of an application or software upon installation and 8 execution O S on 4 [ Contret Pandibiome s ler, e. =:::«-’»w~f € Googie Ovome e e o o Selmue sl Googlet Ofce Sure T public and private key to sign and verify the certificate containing the H developer and publisher information 160142020048 Mucroneht Corparrtion noss Mazrereh Corperotien 143030 Mucseseh Cerprnton Mutreacht Ietune Marageement Extemmen OneDine Macroeef ‘_!:j::‘;&:"mmw e - oGty. 0 Tearmn Machinegy 12 Matreseht Conpnstion 2B crosch e Webemd Purtrme @1 2.0r0uch 06 Leckized 184 €1\ hocson o a & e e oy nosr Conmmarty ¥ Leckiznd Seteganed - POF Viewer 1] Macroseht 363 Apps fod anterpriia - o8 ub on v To wunintall & program, select & from the bt and thenchcl Unenitall Ohange, of Fapar Organee « (@ Conmmarty for Mucrosemt : based ems + Br - Uninstall o¢ change a program Veew intalied updates © Tum Windows fertures on or o a SyStem Code signing involves the CortroiPanal » AN Control Panel Mucroseft ™ Wade Installer 105541 Corprr dstoon 1,095 23000 unm. e— s LA R e Corparation g ] Code Signing Code signing is used by software publishers/developers to digitally sign software, product updates, or executables. This signature ensures the integrity and authenticity of the application or software upon its installation and execution on a system. Code signing also determines whether the software has been downloaded from an authorized publisher/developer or from an attacker. It also ensures that the software is not modified or changed after being signed by the developer and is safe to download. Code signing involves the use of a public and private key-based PKI mechanism to sign and verify the certificate containing the developer and publisher information. The programmers or publishers sign the certificate with their private key, and clients utilize the publisher’s public key to determine the authenticity. Module 09 Page 1173 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Application Security [ Exam 212-82 Programs and Features « v 4 [ » Control Panel > AllControl Panel ltems Control Panel Home O Searc To uninstall a program, select it from the list and then click Uninstall, Change, or Repair. Tum Windows festures on or off v Uninstall or change a program View installed updates & > Programs and Features Organize ~ Name Publisher Installed On Adobe Actobat Reader DC Adobe Systems Incorporated philandro Software GmbH Google LLC Grammarly Lockhzard Ltd. Microsoft Corporation Microsoft Corporation Micresoft Corporation Microsoft Corporation Microsoft Corporation Microsoft Corporation Microsoft Corporation Mozilla Mozilla Microsoft Corporation win.rar GmbH 10-06-2021 [ AnyDesk (o] Google Chrome ‘ I 1]. Grammarly for Microsoft ® Office Suite Locklizard Safeguard - PDF Viewer Microsoft 365 Apps for enterprise - en-us Microsoft Edge [ Microsoft Edge WebView2 Runtime [ Microsoft @ Microsoft ‘ Microsoft [¥]Microsoft Intune Management Extension OneDrive Teams Update Health Tools ‘Moxilla Firefox 89.0 (x64 en-US). Mezilla Maintenance Service [W]Teams Machine-Wide Installer I vinRAR 6.00 (64-bit) 03-03-2021 Size Version 343 MB 2.00MB 10-06-2021 18-05-2021 39.7MB 09-02-2021 31-05-2021 06-06-2021 06-06-2021 04-06-2021 10-06-2021 21-05-2021 30-04-2021 035-06-2021 02-02-2021 21-01-2021 22-01-2021 10.9 M8 152 MB 104 MB 1.09 M8 205 MB 326KB 108 MB 21.005.20048 ad 6,23 91.04472.101 6.8.261 302 16.0.14026.20246 91.0.854.01 91.0.864.41 1432030 21.099.0516.0003 14.00.11161 27700 89.0 85.0 1.3.0.28779 6.00.0 Figure 9.6: Screenshot showing signed publisher details Module 09 Page 1174 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.