Optimizing Shellcode Development

Overview

Fault injection technologies have been used for more than half a century to verify the fault tolerance of hardware solutions. Fault injection systems are currently used to test the machinery in the cars we drive, the engines in the airplanes that fly us, and even the heating elements that warm our coffee. These systems inject faults through the pins of integrated circuits, via bursts of EMI, by altering voltage levels, and, in some cases, even through the use of radiation. These days every major hardware manufacturer employs some sort of fault injection system within its testing process.

As our technologies transition from analog to digital, the amount of software in use grows at an exponential rate. The question that should be asked is: What tools do we have that will test the dependability of our software?

During the last decade, several fault injection solutions have been developed to detect serious problems in enterprise software. Many of these software-based fault injection solutions were created during the course of several research grants sponsored by the Office of Naval Research (ONR), the Defense Advanced Research Projects Agency (DARPA), the National Science Foundation (NSF), and the Digital Equipment Corporation (DEC). Software fault injection systems such as DEPEND, DOCTOR, Xception, FERRARI, FINE, FIST, ORCHESTRA, MENDOSUS, and ProFI have demonstrated that fault injection technologies can be used to successfully enumerate a variety of faults in enterprise software applications. Several of these solutions were each designed to help solve the same problem: to offer a resource to the software development community that will allow them to test the fault tolerance of their software. Few solutions in the public and private sectors have been designed specifically to discover security holes in targeted software. As the importance of security grows daily, so does the need for technologies to help improve the security of the software we use.

Fault testing tools are used every day by Quality Assurance (QA) engineers to test their assigned software for potential weaknesses. One of the most useful skills that QA engineers can possess is the ability to incorporate automation into their toolkits. Software security auditors could learn much from modern QA techniques. Most talented security auditors rely on manual auditing techniques, primarily reverse engineering and source auditing, to discover potential security problems in software products. While these skills are useful, if not required, in a successful auditor, the ability to develop automated auditing technologies is also important. By using the knowledge discovered during reversing, software testers can quickly configure their auditing applications to audit software while they perform other auditing tasks. This type of multitasking allows an auditor to perform the work of hundreds, if not thousands, of other software auditors in a fraction of the time.

One of the best facets of fault testing is that every mistake you make during the development of your solution may actually increase the effectiveness of your testing. A mistake in your development is one of the most serendipitous things that you can make. If you went back and made a list of all the programming mistakes you've made over time and built a test for each into your fault-testing application, you could easily break the majority of enterprise server software products.

Building a fault injection solution will motivate you to learn the attack classes to such depth that you will understand them at a much more fundamental level. With each new attack class you learn or discover, you will pick up tricks and techniques that will help you understand the other classes. What you learn can make your auditing suite even more powerful. The best part is that by using automation, you can even find world-shattering security holes while you sleep.

In this chapter we will design and implement a fault injection solution to discover security flaws within network server software products that operate over an application protocol-based network medium. This fault injection system, which we'll call RIOT, closely resembles a system designed in January 2000 that was used to discover several highly publicized vulnerabilities, such as those exploited by the Code Red virus. Using RIOT, we demonstrate the effectiveness of fault testing by enumerating some of these security flaws in our target application, Microsoft's Internet Information Server (IIS) 5.0.
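The harness below is an added example, not code from the book or from the RIOT system the chapter describes. It shows the shape such a fault injection tool takes: a table of fault classes built from common programming mistakes (the "list of mistakes" idea above), a request template with replaceable fields, and a driver that records which field and fault class made the software under test fail. Everything here is constructed for the example: the two handlers (`naive_handler` and `hardened_handler`) stand in for a server's request parser and run in-process, so nothing touches a network; the explicit `OverflowError` raises in the naive handler mimic where a C parser would corrupt memory.

```python
"""Minimal in-process fault-injection harness (added example; all names and
sample values are constructed for illustration, not taken from the book)."""
import itertools
from typing import Callable, Dict, List, Tuple

# Fault classes drawn from common programming mistakes. Each maps a class
# name to a list of faulty field values (all constructed here).
FAULT_CLASSES: Dict[str, List[str]] = {
    "overlong": ["A" * 64, "A" * 300, "A" * 5000],
    "boundary_int": ["0", "-1", "2147483647", "4294967295", "99999999999"],
    "format": ["%s%s%s%s", "%n%n%n", "%x" * 8],
    "delimiter": ["\r\n", "\x00", "\r\nHost: x", "\n\n"],
    "non_ascii": ["\xff\xfe", "\u00e9" * 50, "\u202e"],
}

# Request template in the style of an application protocol. Each {name}
# slot is a field the harness replaces with one fault value at a time.
TEMPLATE = "GET /{path} HTTP/1.0\r\nHost: {host}\r\nContent-Length: {clen}\r\n\r\n"
FIELDS: Dict[str, str] = {"path": "index.html", "host": "example.test", "clen": "0"}


def build_request(field: str, value: str) -> str:
    """Return the template with one field replaced by a fault value."""
    args = dict(FIELDS)
    args[field] = value
    return TEMPLATE.format(**args)


def run_harness(target: Callable[[str], None]) -> List[Tuple[str, str]]:
    """Feed every (field, fault class) combination to `target` and return the
    (field, fault_class) pairs for which it raised. A raise stands in for the
    crash or hang a real tool would detect on the wire."""
    try:
        target(TEMPLATE.format(**FIELDS))  # sanity: the well-formed request must pass
    except Exception as exc:
        raise RuntimeError("target rejects the baseline request") from exc
    findings: List[Tuple[str, str]] = []
    for field, (cls, values) in itertools.product(FIELDS, FAULT_CLASSES.items()):
        for value in values:
            try:
                target(build_request(field, value))
            except Exception:
                findings.append((field, cls))
                break  # one failing input per (field, class) is enough to report
    return findings


HEADER_BUF = 256  # pretend fixed-size header buffer in the "server"


def naive_handler(raw: str) -> None:
    """Constructed stand-in for a careless parser: uses the path as a format
    string (printf(path) style), copies Host into a fixed buffer without a
    length check, and trusts Content-Length to be a small non-negative int."""
    line, _, rest = raw.partition("\r\n")
    path = line.split(" ")[1]
    _ = path % ()  # raises on "%s"/"%n": the format-string mistake
    headers = dict(h.split(": ", 1) for h in rest.split("\r\n") if ": " in h)
    host = headers["Host"]
    if len(host) > HEADER_BUF:
        raise OverflowError("Host copied past the 256-byte buffer")
    clen = int(headers["Content-Length"])  # ValueError on anything non-numeric
    if not 0 <= clen < 2 ** 31:
        raise OverflowError("Content-Length would wrap a signed 32-bit int")


def hardened_handler(raw: str) -> None:
    """Constructed stand-in for the corrected parser: bounded copies, strict
    numeric validation, and user data passed as format arguments, never as
    the format string. Bad input is dropped instead of crashing."""
    line, _, rest = raw.partition("\r\n")
    parts = line.split(" ")
    path = parts[1] if len(parts) > 1 else "/"
    headers: Dict[str, str] = {}
    for h in rest.split("\r\n"):
        name, sep, value = h.partition(": ")
        if sep and len(value) <= HEADER_BUF:  # enforce the buffer bound
            headers[name] = value
    host = headers.get("Host", "")
    clen_text = headers.get("Content-Length", "0")
    clen = int(clen_text) if clen_text.isdigit() and len(clen_text) <= 9 else 0
    _ = "served %s for %s (%d bytes)" % (path, host, clen)  # data as arguments


if __name__ == "__main__":
    for name, handler in (("naive", naive_handler), ("hardened", hardened_handler)):
        print(name, run_harness(handler))
```

Running the module prints the findings for each stand-in: the naive parser fails on the format class for the path, the overlong class for the Host header, and every class for Content-Length, while the hardened parser reports nothing. Each finding names the field and the fault class, which is the information an auditor needs to go back to the disassembly or source and locate the actual defect.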



The Shellcoder's Handbook. Discovering and Exploiting Security