diff -r 677179c76e35 -r 0711775cb6b0 slides/slides03.tex --- a/slides/slides03.tex Tue Oct 08 02:22:53 2013 +0100 +++ b/slides/slides03.tex Tue Oct 08 05:53:21 2013 +0100 @@ -162,17 +162,34 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] +\frametitle{A Float Printed ``Twice''} + +{\lstset{language=Java} +\footnotesize +\lstinputlisting{../progs/C1.c}} + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + + + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] \frametitle{\begin{tabular}{c}The Problem\end{tabular}} \begin{itemize} \item The basic problem is that library routines in C look as follows: + \begin{center} -{\lstset{language=Java}\fontsize{8}{10}\selectfont% -\texttt{\lstinputlisting{../progs/app5.c}}} +{\lstset{language=Java} +\footnotesize +\lstinputlisting{../progs/app5.c}} \end{center} + \item the resulting problems are often remotely exploitable -\item can be used to circumvents all access control -(botnets for further attacks) +\item can be used to circumvents all access control\\ +(for grooming botnets for further attacks) \end{itemize} \end{frame}} @@ -196,22 +213,6 @@ \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - - -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -\mode{ -\begin{frame}[c] - -\small -\texttt{my\_float} is printed twice:\bigskip - -{\lstset{language=Java}\fontsize{8}{10}\selectfont% -\texttt{\lstinputlisting{../progs/C1.c}}} - - -\end{frame}} -%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% - %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] 
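Review bot: Both listings in this hunk, `../progs/C1.c` and `../progs/app5.c`, are C sources but are still typeset with `\lstset{language=Java}`, so any C-only keyword in them will not be highlighted as a keyword; `\lstset{language=C}` matches the files. The rewritten item also keeps the typo `circumvents`; it should read `\item can be used to circumvent all access control\\`. If the preamble (not visible here) sets a global `basicstyle`, the bare `\footnotesize` may have no effect on the listing, and `\lstset{language=C,basicstyle=\footnotesize\ttfamily}` would be the more reliable form.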
@@ -257,7 +258,7 @@ \frametitle{\begin{tabular}{c}Payloads\end{tabular}} \begin{itemize} -\item the idea is you store some code as part to the buffer +\item the idea is you store some code to the buffer \item you then override the return address to execute this payload\medskip \item normally you start a root-shell\pause \item difficulty is to guess the right place where to ``jump'' @@ -279,7 +280,7 @@ \end{center} \end{itemize}\bigskip\bigskip -{\lstset{language=Java}\fontsize{8}{10}\selectfont% +{\lstset{language=Java}\small \texttt{\lstinputlisting{../progs/app5.c}}} \end{frame}} @@ -305,7 +306,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] -\frametitle{\begin{tabular}{c}Protections against BO Attacks\end{tabular}} +\frametitle{\begin{tabular}{c}Protections against\\ BO Attacks\end{tabular}} \begin{itemize} \item use safe library functions
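Review bot: The new wording `store some code to the buffer` is still not idiomatic; `\item the idea is you store some code in the buffer` says what is meant. The following context line reads `override the return address`, where the standard term is `overwrite`. Since this slide is where students learn the mechanism, the precise verb is worth fixing in the same pass. The frame starts and ends outside the hunk.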
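Review bot: This listing keeps the `\texttt{\lstinputlisting{../progs/app5.c}}` wrapper that the same commit removes from the other two listings in the first hunk. Passing `\lstinputlisting` as the argument of another command is fragile, and the monospace font belongs in `basicstyle` instead. For consistency this should become `{\lstset{language=C,basicstyle=\small\ttfamily}` followed by `\lstinputlisting{../progs/app5.c}}`, which also corrects the `language=Java` setting for a C file. The frame starts outside the hunk.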
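Review bot: The title now breaks across two lines, so there is room to spell out the abbreviation, e.g. `\frametitle{\begin{tabular}{c}Protections against\\ Buffer Overflow Attacks\end{tabular}}`. Unless `BO` is introduced on an earlier slide (not visible here), a reader who lands on this frame from the handout will not know what it stands for.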