Lecture 3: Hijacking & Injection

Terms and concepts you should know

Paul Krzyzanowski

September 18, 2020

- Session hijacking - Program hijacking - Code injection - Unchecked assumptions - Buffer overflow - gets problem - Black box testing - Stack smashing - Stack pointer - Frame pointer - Safe functions - Benign overflow - Malicious overflow - NOP slide, landing zone
- Off-by-one error - What does %n do in printf? - Fuzzing - Acceptance criteria - Data Execution Prevention (DEP) - No execute (NX) permission - Return-to-libc - Return Oriented Programming (ROP) - Gadget - Address Space Layout Randomization (ASLR) - Entropy - Stack Canary - ProPolice layout - Shadow stack
Last modified October 2, 2020.
recycled pixels