Secure Coding for C/C++ Training

InfoSec Institute’s Secure Coding in C/C++ two day Intense Course provides in-depth coverage of common security vulnerabilities related to C/C++ programming bugs and explains practical mitigation techniques. It also includes hands-on exercises that allow full understanding of the root causes of security problems.

Secure Coding in C/C++ Course Description

InfoSec Institute’s Secure Coding in C/C++ Course explains in detail the mechanisms underlying typical C/C++ security relevant programming bugs – the common security vulnerabilities. The root causes of the problems are explained through a number of easy-to-understand source code examples, which depicts clearly how to find and correct these problems in practice. The real strength of the course lays in numerous hands-on exercises, which help the participants understand how easy it is to exploit these vulnerabilities by the attackers.

The course also gives an overview of practical protection methods that can be applied at different levels (hardware components, operating systems, programming languages, the compiler, the source code or in production) to prevent the occurrence of the various bugs, to detect them during development and before market launch, or to prevent their exploitation during system operation. Through exercises specially tailored to these mitigation techniques participants can learn how simple it is to get rid of various security problems.

Our classroom trainings come with a number of easy-to-understand exercises providing live hacking fun. By accomplishing these exercises with the lead of the trainer, participants can analyze vulnerable code snippets and commit attacks against them in order to fully understand the root causes of certain security problems. All exercises are prepared in a plug-and-play manner by using a pre-set desktop virtual machine, which provides a uniform development environment.

Secure Coding in C/C++ Course Objectives

InfoSec Institute’s Secure Coding in C/C++ Course offers you two days of training with a real C/C++ Security expert. Our experts have extensive C/C++ development experience as well as years of experience performing security code reviews. Upon completing our Secure Coding in C/C++ Course will provide you with valuable knowledge and skills including the ability to:

• Understand basic concepts of security, IT security and secure coding
• Realize the severe consequences of non-secure buffer handling
• Understand the architectural protection techniques and their weaknesses
• Learn about typical coding mistakes and how to avoid them
• Be informed about recent vulnerabilities in various platforms, frameworks and libraries

Who Should Attend:

C/C++ developers, software architects and testers

The courses below are excellent follow-on classes:

• Secure Coding in Java
• Secure Coding in .NET
• Secure Coding for Android Platform

During the two (2) Day program, our instructors give you 110% of their time and dedication to ensure that your time is well spent. You will receive an all-inclusive immersion experience by receiving your hotel stay and most meals during your training experience; therefore you eat, sleep and train at the learning facility with no distractions!

Program Content Outline

• IT security and secure coding
  • Nature of security
  • IT security related terms
  • Definition of risk
  • IT security vs. secure coding
  • From vulnerabilities to botnets and cyber crime
    • — Nature of security flaws — Reasons of difficulty — From an infected computer to targeted attacks
  • Classification of security flaws
    • — Landwehr’s taxonomy — The Fortify taxonomy — The Seven Pernicious Kingdoms — OWASP Top Ten 2013 — Landwehr’s taxonomy — The Fortify taxonomy — The Seven Pernicious Kingdoms — OWASP Top Ten 2013
• Security relevant C/C++ programming bugs and flaws
  • Exploitable security flaws
  • Protection principles
    • — Specific protection methods — Protection methods at different layers — The PreDeCo matrix of software security
  • x86 machine code, memory layout, stack operations
    • — Intel 80×86 Processors – main registers — Intel 80×86 Processors – most important instructions — Intel 80×86 Processors – flags — Intel 80×86 Processors – control instructions — Intel 80×86 Processors – stack handling and flow control — The memory address layout — The function calling mechanism in C/C++ on x86 — Calling conventions — The local variables and the stack frame — Function calls – prologue and epilogue of a function — Stack frame of nested calls — Stack frame of recursive functions
• Buffer Overflow
  •  Stack overflow
    • — Buffer overflow on the stack — Overwriting the return address — Exercise BOFIntro — Exercise BOFShellcode o Protection against stack overflow — Stack overflow – Prevention (during development) — Stack overflow – Detection (during execution) o Stack smashing protection — Stack smashing protection variants — Stack smashing protection in GCC — Exercise BOFShellcode – Stack smashing protection — Effects of stack smashing protection — Bypassing stack smashing protection – an example — Stack overflow – Anti-exploit techniques o Address Space Layout Randomization (ASLR) — Stack randomization with ASLR — Using ASLR — Circumventing ASLR: NOP sledding — Exercise BOFASLR – Circumventing ASLR with NOP sledging o Non executable memory areas – the NX bit — Protection through Virtual Memory Management — Access Control on memory segments — The Never eXecute (NX) bit — Exercise BOFShellcode – Enforcing NX memory segments o Return-to-libc attack – Circumventing the NX bit — Arc injection / Return-to-libc attack — Exercise BOFShellcode – The Return-to-libc attack — Multiple function calls with return-to-libc o Return oriented programming (ROP) — Exploiting with ROP — ROP gadgets — Combining the ROP gadgets — Exercise BOFROP
  • Heap overflow
    • — Memory allocation managed by a doubly-linked list — Buffer overflow on the heap — Steps of freein g and joining memory blocks — Freeing allocated memory blocks — TLS Heartbeat Extension — Heartbleed – a simple explanation — Heartbleed – fix in v1.0.1g — Protection against heap overflow
• Common Coding Errors & Vulnerabilities
  • Input validation
    • — Input validation concepts — Integer problems — Representation of negative integers — Integer ranges — Integer representation by using the two’s complement — The integer promotion rule in C/C++ — Arithmetic overflow – spot the bug! — Exercise IntOverflow — So why ABS(INT_MIN)==INT_MIN? — Signedness bug – spot the bug! — Widthness integer overflow – spot the bug! — Exercise Board — A case study – Android Stagefright — Stagefright – a quick introduction — Some Stagefright code examples – spot the bugs! — Integer problem mitigation — Avoiding arithmetic overflow – addition — Avoiding arithmetic overflow – multiplication — Dealing with signed/unsigned integer promotion — Safe integer handling in C — The SafeInt class for C++ — Printf format string bug — Printf format strings — Printf format string bug – exploitation — Exercise Printf — Printf format string exploit – overwriting the return address — Mitigation of printf format string problem — Mitigation of Printf format string problem — Some otherinput validation problems — Array indexing – spot the bug! — The Unicode bug — Directory Traversal Vulnerability — Shellshock – basics of using functions in bash — Shellshock – vulnerability in bash — Exercise – Shellshock — Shellshock fix and counterattacks — Exercise – Command override with environment variables o Improper use of security features — Problems related to the use of security features — Insecure randomness — Week PRNGs in C — Stronger PRNGs in C and Linux — Hardware-based RNGs — Password management — Exercise – Google cracking — Password management and storage — Special purpose hash algorithms for password storage — BDKDF2 and bcrypt implementations in C/C++ — Some other typical password management problems
  • Improper error and exception handling
    • — Typical problems with error and exception handling — Empty catch block — Overly broad catch — Exercise ErrorHandling – spot the bug! 
  • Time and state problems
    • — Time and state related problems — Serialization errors (TOCTTOU) — Attacks with symbolic links — Exercise TOCTTOU  
  • o Code quality problems
    • — Dangers arising from poor code quality — Poor code quality – spot the bug! — Unreleased resources — Type mismatch – Spot the bug! — Exercise TypeMismatch
• Advice and Principles
  • Matt Bishop’s principles of robust programming
  • The security principles of Saltzer and Schroeder
• Knowledge Sources
  • Vulnerability databases
  • Secure coding sources – a starter kit