Sec Tech Eng

8/14/2019 Sec Tech Eng

1/24

Concept of Security Tech

Lecturer

Ijs and X-X-Y-S


2/24

DefinitionHardwareLanguages

ExploitationReference

Question Time

Concept of Security TechPresentation Agenda


3/24

Classification of Hacker

Professional ProgrammerHe/She specializes at various kinds of languages andmasters in using appropriate one to implement.

Communication and Network ExpertHe/She is familiar with TCP/IP, RFC, Wireless , VoIP,and Radio Frequency techniques.

Hardware &Firmware ModifierHe/She makes frequent changes to their electronicequipment and using canonical components or semi-cosmetic modifications.

Concept of Security TechDefinition


4/24

Computer &HardwareOperating System

Windows Series 95 98 NT 2K XP 2K3 VistaLinux Series RedHat Mandriva Debian Gentoo

Unix Series Solaris SGI HPUX AIX AlphaBSD Series FreeBSD NetBSD OpenBSD

System ArchitectureBig-Endian Sun SPARC IBM PowerPCLittle-Endian IA 32/64 AMD 32/64Bi-Endian Hybrid ARM PowerPC Except PPC970/G5SPARC V9 DEC Alpha MIPS PA-RISC IA 64

Concept of Security TechHardware


5/24

Big-Endian V.S. Little-Endian

Concept of Security TechEndianness Representation Diagram


6/24

Computer &HardwareStack Segment

Property First In Last Out FILO .Definition Using Static Memory and Allocating via

Program.Instance Value of Local Variable Argument of SubRoutine.

Implementation Stack Structure in Data Structure.Characteristic Automatically Released Via Compiler.

Concept of Security TechMemory Allocation Stack V.S. Heap


7/24

Computer &HardwareHeap Segment

Property First In First Out FIFO .Definition - Using Dynamic Memory and Allocating Via

Coder.Instance Address of Pointer Space of DynamicAllocation.Implementation Linked-List Full Binary Tree in DataStructure.Characteristic Manually Released Via Code orRecycled Via OS.

Concept of Security TechMemory Allocation Stack V.S. Heap


8/24

Programming LanguageClient-Side Local

Definition The script worked that replied on platform,host of users computer and its up to modify.

Instance Ajax CSS HTML XML XHTML JavaScript VB Script WSH DOS Batch Shell Script.

Server-Side Remote

Definition The script run that based on daemonservice and accept request from users.Instance ASPx PHP JSP CGI SQL ActionScript Cold Fusion .Net Web-Based Script.

Concept of Security TechTypes Via Working Bench


9/24

Programming LanguageHigh Level Languages

Instance Common Computer Languages.Note HLA Syntax is similar with Human Being

Grammatical Sentence Pattern.Low Level Languages

Instance Assembly and Machine Code.

Note LLA Memoric makes itself into two divisions.Protype 1 Machine Native Code.Constructed with 0 & 1 0101 0011 1011 0100.Protype 2 Op-Code + Operand MOV AH, 3FH .

Notation of Operating Code From Machine Code.

Concept of Security TechTypes Via Hierarchy


10/24

Programming Language

Concept of Security TechCorresponding to Assembly and Op-Code


11/24

Programming LanguageDeclared Languages

Alias - Imperative ProceduralInstance - C/C++ Java Basic Pascal

Note You Tell Computer What To Do, It will interactively accomplish.

Definitive LanguagesAlias - Declared Intelligent AIInstance - LISP Prolog Forth Haskell Scheme

Note You Tell Computer How To Do, It will automatically accomplish.

Functional LanguagesAlias - Commercial SpecifiedInstance Mat Lab X Spice Auto LISP

Concept of Security TechTypes Via Specialization


12/24


Concept of Security TechFibonacci Recursive Sub Routine in C Code


13/24


Concept of Security TechFibonacci Code in Haskell Implementation


14/24

Programming LanguageCompiled Languages

Instance - C/C++ Java Visual Basic 5 + DelphiStatement Compiled Done then Executed Code.

Interpreted LanguagesInstance Ruby Perl Python Basic PascalStatement Compiled and Executed Simultaneously.

Assembly LanguagesInstance - 80x86 MIPS Sun SPARC HP PA-RISC

CISC - Intel 80x86/IA 32-64/IBM PCRISC ARM MPIS Sun SPARC HP PA-RISC

Concept of Security TechTypes Via Characteristic


15/24


Concept of Security TechCompilation Procedure Diagram


16/24

Exploitation TechniquesBuffer Overflow

Definition Usually coder doesnt inspect boundary thatresulted the program over-writing size of buffer.

Instance Stack Overflow Heap Overflow.Format String

Definition Usually occurred in that *printf( ) functions of

c language that resulted arbitrary code execution.ShellcodeDefinition A relocatable piece of machine code used asthe payload in the exploitation of a software bug.

Concept of Security TechSystem &Application Vulnerability


17/24

Exploitation Techniques

Concept of Security TechDisassembly Function Screen


18/24


Concept of Security TechHello World Shellcode Implementation


19/24

Exploitation TechniquesPacket Flooding/Smurfing

Ping of Death Multitude of ICMP packets sent tospecified destination, but useless via HIPS dropping now.

DoS/DDoS Using a large amount of zombie, victim,botnet that requested destination synchronously.SYN Flood A form of DoS attack that attackers sent asuccession of SYN request to target host.

MITM Man In The Middle AttackMITM is that an attack is able to read, insert and modify at will,messages between two parties without either party knowing thatthe link between them has been compromised.

Concept of Security TechNetwork-Based Assaulting Methodology


20/24


Concept of Security TechNormal TCP Connection


21/24


Concept of Security TechSYN Flood Attacking


22/24


Concept of Security TechMITM Attacking


23/24

Hacking The Art of Exploitation Jon Erickson

Hack Attacks Revealed John ChirilloC/C++ Primer 5 th Stephen Prata

XFocus Team

Online Information From Google Search EngineWiki Encyclopaedia - http://en.wikipedia.org/

Hacker Concept

Operating SystemEndianness ConceptComputer LanguagesStack and Heap Concept

Concept of Security TechReference


24/24

Concept of Security TechQuestion Time

Thanks for paying your attentionduring the class time!Please raise any doubt,argument, or question about thispresenting.

Documents

Sec Tech Eng