Prerequisites
Programming skills and at least two years of experience in a C or C++ environment. Basic knowledge of x86 architecture and assembly language, and basic practical knowledge of cryptographic concepts and methods, are recommended. As the course material is in English, a level of English sufficient to read technical documents is required. The lecture will be given in English.
CL-CPI
New C and C++ Secure Coding X86
Description
Writing C/C++ code can be difficult for a variety of reasons, from memory management to handling legacy code to sharp deadlines and code maintainability. But beyond all that, what if we told you that attackers were trying to break into your code right now? How likely would they be to succeed?
This course will change the way you look at your C/C++ code. We'll teach you the common weaknesses that allow attackers to break into your system, their consequences and, more importantly, the best practices you can implement to protect yourself. We provide a holistic view of C/C++ programming errors and their countermeasures, from the machine code level to virtual functions and operating system memory management. Live hands-on exercises run throughout the course, as the strength of the training lies in exercises that actively engage the participants. In our experience, only by demonstrating these can we really make programmers realise how easy it is to exploit the mistakes they make. In turn, the correct programming techniques and defenses presented make it clear that security flaws in programs can be effectively avoided.
Writing secure code will give you a clear advantage over your competitors. It's your choice to stay ahead of the field - take a step forward and become a major player in the fight against cybercrime.
The training is aimed at programmers, developers, software designers, testers and security professionals who want to learn professional techniques for creating the most secure programs and applications in a C/C++ environment.
Outline
- From IT security to secure programming: what is the risk? IT security vs. secure coding, from vulnerabilities to botnets and cybercrime, the nature of security flaws, from infected computers to targeted attacks.
- x86 machine code, memory allocation and stack operations: the Intel 80x86 processors (main registers, key instructions, flags, control instructions, stack handling and flow control), memory address mapping, the function calling mechanism in C/C++ on x86, calling conventions, local variables and stack frame, function calls - prologue and epilogue of a function, stack frame in nested calls, stack frame in recursive functions.
- Buffer overflow, stack overflow: buffer overflow on the stack, overwriting the return address. Stack overflow protection: specific protection methods, protection methods at different layers, software security protection matrix: stack overflow prevention (during development) and detection (during execution), the Fortify compiler option (FORTIFY_SOURCE). Stack smashing protection: variants, protection in GCC, effects, software security protection matrix. Address Space Layout Randomization (ASLR): randomization, practical weaknesses and limitations, NOP sledding. Non-executable memory areas - the NX bit: access control to memory segments, the Never eXecute (NX) bit. Return-to-libc attack - bypassing the NX bit protection. Bypassing memory execution protection, Return Oriented Programming (ROP): exploitation with ROP, ROP gadgets, mitigating the effects of ROP, mitigation techniques against ROP attacks.
- Heap overflow: memory allocation with doubly linked lists, buffer overflow on the heap, freeing and merging free chunks, freeing allocated memory blocks. Defenses. Case study - Heartbleed: the TLS Heartbeat extension, Heartbleed - information leakage in OpenSSL, Heartbleed - the fix in OpenSSL 1.0.1g. Protection against overflow.
- Practical cryptography: cryptosystems; symmetric-key cryptography (ensuring confidentiality, encryption algorithms, modes of operation, symmetric encryption with OpenSSL - encryption and decryption); other cryptographic algorithms (hash or message digest, hash algorithms, SHAttered, hashing with OpenSSL, message authentication code (MAC), integrity and authenticity assurance with symmetric keys, random number generation - random numbers and cryptography, cryptographically strong PRNGs, weak PRNGs in C and C++, stronger PRNGs in C, random number generation with OpenSSL, hardware-based TRNGs); asymmetric (public-key) cryptography (ensuring confidentiality, rule of thumb - private key ownership, the RSA algorithm - implementation and encryption, combining symmetric and asymmetric algorithms, digital signatures, OpenSSL - asymmetric encryption and digital signatures); Public Key Infrastructure (PKI): man-in-the-middle (MitM) attack, digital certificates against MitM attacks, certificate authorities in a public key infrastructure, the X.509 digital certificate.
- XML security: injection, protection with sanitization and XML validation, XML parsing in C++, XML entity abuse (XML entity introduction, XML bomb, XML External Entity (XXE) attack - resource inclusion, XXE attack, preventing entity attacks), case study - XXE in Google toolkit.
- Common coding mistakes and vulnerabilities: improper error and exception handling, typical problems with error and exception handling, empty catch block, overly broad catch block. Case study - bypassing "#iamroot" authentication in macOS: authentication process in macOS (High Sierra), incorrect error handling in opendirectoryd, #iamroot vulnerability (CVE-2017-13872).
- Code quality issues: threats from poor code quality, unreleased resources, type mismatch, memory allocation issues (smart pointers, zero-length allocation, double free, mixing delete and delete[]), use after free (example of a class, how to spot the bug, use after free - dangling pointer), case study - WannaCry (the WannaCry ransomware, the vulnerability behind WannaCry, lessons learned).
- Input validation: concepts, problems with integers (representation of negative integers, integer ranges, integer overflow, problems with integers in C/C++, integer promotion rules in C/C++, arithmetic overflow, IntOverflow, what is the value of abs(INT_MIN)?, signedness error, integer truncation, case study - Android Stagefright), printf format string bug (format strings, error - exploit, return address overwrite), some other input validation issues (array indexing, off-by-one and other null termination errors, Unicode errors), path traversal vulnerability (path traversal - weak protection and best practices), log forgery.
- Inappropriate use of security features: typical problems, password management (weaknesses of hashed passwords, password management and storage, special-purpose hash algorithms for password storage, Argon2 and PBKDF2 implementations in C/C++, bcrypt and scrypt implementations in C/C++, case study - the Ashley Madison data breach, typical errors in password management, hard-coded passwords).
- Time and state problems: time and state errors, serialization errors, TOCTTOU, best practices against TOCTTOU.
- Advice and principles: for developers and operators, Saltzer and Schroeder's security principles, Matt Bishop's robust programming principles, references, additional resources, vulnerability databases, summary.