Linux Exploits & Mitigation: Linux Exploit Architecture





Overview/Description
Vulnerabilities vary by architecture and family of processor. Recognizing the processor implementations and the differences that lead to an exploit is essential. In this course, you'll explore different classes of vulnerabilities based on the computing environment. You'll learn about the architectural differences and system implementations that lead to race conditions, shellcode, and out-of-order execution vulnerabilities. You'll explore mitigations and protections to prevent stack smashing, use-after-free, and integer vulnerabilities. Next, you'll examine contemporary exploits such as Spectre and Meltdown and mitigations provided by Write XOR Execute (W^X). Finally, you'll investigate protections to prevent privilege escalation and the exploitation of processes and tasks.

Expected Duration (hours)
0.9

Lesson Objectives

  • discover the key concepts covered in this course
  • describe race conditions, their potential for vulnerabilities, and approaches to avoiding race conditions
  • disable compiler protections to construct and execute shellcode in C
  • describe out-of-order execution and related processor concepts and vulnerabilities
  • describe common weaknesses and errors made when working with integers and how to prevent them
  • explore compiler warnings that are vital to security and program stability
  • explore how stack smashing vulnerabilities occur and how they are mitigated
  • describe use-after-free vulnerabilities, how they occur, and typical target examples to keep in mind
  • describe the impact and mitigations in place to avoid and mitigate the Spectre and Meltdown vulnerabilities
  • describe the Write XOR Execute (W^X) feature and its impact on memory security
  • various processor and operating system considerations that need to be taken into account when developing mitigations to vulnerabilities and exploits
  • targets for privilege escalation exploits and common privilege control mechanisms
  • targets for exploiting processes and tasks of a running Linux system
  • summarize the key concepts covered in this course

Course Number
it_cylxexdj_06_enus

Expertise Level
Expert