Code Audits 102
Lecture
Homework
Find and describe three flaws in the Siberia crimeware pack (archive password: infected). For each flaw:
- Identify the affected line(s) of code
- Briefly explain the bug class
- Trace user-controllable input to the vulnerable code
- Identify what effect the bug would have on a running application
- Calculate a CVSS score for the bug
Crimeware packs, or web exploit kits, are small web applications that fingerprint visitors and attempt to exploit their browser in order to drop a malicious payload. The operator accesses the pack through an admin panel that displays infection statistics and allows configuration changes, such as swapping the payload that is served after a successful exploit. That admin panel, and the PHP that drives the exploit pages, is the attack surface you are auditing.
The Siberia kit contains live exploit code and will likely trigger your AV. None of that code is in a state where it can harm your machine: the browser vulnerabilities it targets were patched years ago, and the exploits only do anything when interpreted by PHP and then rendered by a vulnerable browser. You can safely disable your AV or add an exception for this exercise, or place the Siberia files inside a VM.
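The script below is an added example, not part of the original page and not code from the Siberia kit. It shows the shape of the homework on a constructed PHP admin-panel fragment: it follows attacker-controlled superglobals through simple assignments to a few common sinks, reports each finding as a bug class plus the line numbers from the sink back to the input, and scores the finding with the CVSS v2 base equation (the version in use when this course was written). The PHP fragment, the sink list and the sanitizer list are assumptions made for illustration; a regex pass like this only suggests where to look, and the real audit is reading the code.

```python
import math
import re

# Taint sources: PHP superglobals that carry attacker-controlled data.
SOURCES = re.compile(r"\$_(GET|POST|COOKIE|REQUEST|SERVER|FILES)\b")
# Taint sinks, keyed by the bug class a tainted argument produces.
# This list is an assumption for the example, not an exhaustive catalogue.
SINKS = {
    "SQL injection": re.compile(r"\bmysql_query\s*\("),
    "Command injection": re.compile(r"\b(system|exec|shell_exec|passthru|popen)\s*\("),
    "Code injection": re.compile(r"\beval\s*\("),
    "File inclusion": re.compile(r"\b(include|require)(_once)?\b"),
    "Cross-site scripting": re.compile(r"\b(echo|print)\b"),
}
# Whole-RHS sanitizers that break the taint (crude: a cast or escape around the value).
SANITIZERS = re.compile(r"^\s*(?:\(int\)\s*|(?:intval|htmlspecialchars|mysql_real_escape_string|basename)\s*\()")
ASSIGN = re.compile(r"^(\$\w+)\s*=(?!=)")  # "$var = ..." but not "=="
VAR = re.compile(r"\$\w+")

# CVSS v2 base metric weights (from the v2 specification).
CVSS2 = {
    "AV": {"L": 0.395, "A": 0.646, "N": 1.0},
    "AC": {"H": 0.35, "M": 0.61, "L": 0.71},
    "Au": {"M": 0.45, "S": 0.56, "N": 0.704},
    "C": {"N": 0.0, "P": 0.275, "C": 0.660},
    "I": {"N": 0.0, "P": 0.275, "C": 0.660},
    "A": {"N": 0.0, "P": 0.275, "C": 0.660},
}


def cvss2_base(vector):
    """Base score for a CVSS v2 vector such as 'AV:N/AC:L/Au:N/C:P/I:P/A:P'."""
    m = dict(part.split(":") for part in vector.split("/"))
    impact = 10.41 * (1 - (1 - CVSS2["C"][m["C"]]) * (1 - CVSS2["I"][m["I"]]) * (1 - CVSS2["A"][m["A"]]))
    exploitability = 20 * CVSS2["AV"][m["AV"]] * CVSS2["AC"][m["AC"]] * CVSS2["Au"][m["Au"]]
    f_impact = 0 if impact == 0 else 1.176
    score = ((0.6 * impact) + (0.4 * exploitability) - 1.5) * f_impact
    return math.floor(score * 10 + 0.5) / 10  # round half up to one decimal


def trace(tainted, var):
    """Line numbers where taint entered `var`, walking back through assignments."""
    chain = []
    while var in tainted:
        line_no, parent = tainted[var]
        chain.append(line_no)
        var = parent
    return chain


def audit(php_src):
    """Return (bug_class, path) pairs; path runs from the sink line back to the input line."""
    tainted = {}  # "$var" -> (line where it became tainted, parent "$var" or None)
    findings = []
    for no, line in enumerate(php_src.splitlines(), 1):
        stripped = line.strip()
        if stripped.startswith(("//", "#", "/*", "*")):
            continue
        m = ASSIGN.match(stripped)
        lhs, rhs = (m.group(1), stripped[m.end():]) if m else (None, stripped)
        tainted_refs = [v for v in VAR.findall(rhs) if v in tainted]
        has_source = bool(SOURCES.search(rhs))
        if lhs:
            if (has_source or tainted_refs) and not SANITIZERS.match(rhs):
                tainted[lhs] = (no, tainted_refs[0] if tainted_refs else None)
            else:
                tainted.pop(lhs, None)  # a clean reassignment kills the taint
        for bug_class, sink in SINKS.items():
            if sink.search(rhs) and (has_source or tainted_refs):
                path = [no] + (trace(tainted, tainted_refs[0]) if tainted_refs else [])
                findings.append((bug_class, path))
    return findings


# Constructed admin-panel fragment for illustration; it is NOT code from the Siberia kit.
SAMPLE_PHP = """<?php
// stats page: constructed example, not Siberia code
$id   = $_GET['id'];
$sort = intval($_GET['sort']);
$q    = "SELECT * FROM stats WHERE id = " . $id . " ORDER BY " . $sort;
$res  = mysql_query($q);
$name = $_COOKIE['user'];
echo "<h1>Welcome " . $name . "</h1>";
$safe = htmlspecialchars($_GET['q']);
echo $safe;
include $_REQUEST['page'] . ".php";
?>"""

if __name__ == "__main__":
    for bug_class, path in audit(SAMPLE_PHP):
        print(f"{bug_class}: sink on line {path[0]}, input trace {path}")
    # Example vectors for the write-up (Au:S if the panel requires a login).
    print("SQLi  AV:N/AC:L/Au:N/C:P/I:P/A:P ->", cvss2_base("AV:N/AC:L/Au:N/C:P/I:P/A:P"))
    print("XSS   AV:N/AC:M/Au:N/C:N/I:P/A:N ->", cvss2_base("AV:N/AC:M/Au:N/C:N/I:P/A:N"))
```

On the sample it reports the SQL injection on line 6 (via `$q` on line 5, from `$_GET` on line 3), the reflected XSS on line 8 (from `$_COOKIE` on line 7) and the file inclusion on line 11, and stays quiet on the `intval()` and `htmlspecialchars()` lines. Each printed path is exactly the "affected lines" and "trace user-controllable input" parts of the write-up; the bug class, the runtime effect and the CVSS vector still have to be argued by reading the code around the sink.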
Required Reading
- Low-level Software Security: Attacks and Defenses (sections one and two)
- Gray Hat Hacking, 3rd Edition: Chapter 10: Programming Survival Skills
- Gray Hat Hacking, 3rd Edition: Chapter 21: Advanced Static Analysis with IDA Pro