Linux Exploits & Mitigation: Program Essentials


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

Navigating the space between userland and kernel and how it impacts how programs reside and execute inside of an operating system can lead to a better understanding of how it's exploited. Being able to debug, disassemble, and dump programs are essential to finding vulnerabilities. In this course, you'll investigate the structure of the Linux kernel, system calls, and program interfaces by running, debugging, and disassembling code.

You'll explore how programs fit in memory and how they are protected and executed. You'll debug and disassemble code into its assembly for inspection. Next, you'll explore the GNU C implementation of the standard library and interface using syscalls and the Linux system call table. Finally, you'll explore how programs and scripts are executed and how they are segmented in memory.



Expected Duration (hours)
1.4

Lesson Objectives

Linux Exploits & Mitigation: Program Essentials

  • discover the key concepts covered in this course
  • describe a program's structure in memory in terms of address space layout
  • run gdb to step through and trace debug a C program
  • run gdb to disassemble a program into its assembly code
  • run objdump and readelf to disassemble and inspect a Linux program
  • describe how data and functionality are protected by separating computing resources
  • discuss how data and functionality are protected within the Linux operating system by kernel and userland separation
  • describe the GNU C Library (glibc) and how it integrates with the Linux kernel
  • interface with the Linux kernel through system calls in C
  • interface with the Linux kernel through system calls in Assembly
  • describe the main components of the Linux system call table
  • query system calls available in your installed version of Linux
  • analyze simple Linux program system calls using strace
  • explore how programs are segmented between their text, data, and BSS segments
  • summarize the key concepts covered in this course

    • Course Number:
    it_cylxexdj_02_enus

    Expertise Level
    Intermediate