6048CEM Exploit Development, Coventry University
Learning Outcome 1: Examine, analyze and test programs for security vulnerabilities
Learning Outcome 2: Evaluate the features of an operating system or programming language that can mitigate the impact of a security exploit.
Learning Outcome 3: Make use of existing "off the shelf" exploits and shell code to compromise a program.
Learning Outcome 4: Evaluate obfuscation tools and their appropriateness for avoiding common protection mechanisms
There are several protection mechanisms that try to prevent attackers successfully exploiting a computer system. Understanding how these methods work, and techniques that can be used to bypass them, is an important part of developing a successful exploit.
For this coursework, you are expected to research common protection mechanisms and the demonstrate impact they can have on exploit code.
Part One: Research Element
For the first element you are expected to research and discuss TWO methods used to mitigate the impact of an exploit.
You should discuss:
An Overview of the mitigation method, and the types of attack it aims to prevent.
Discussion around technical implementation of the method.
Critical Analysis of the Strengths, Weaknesses of the method, and an overview of possible strategies to defeat it.
You are expected to make use of the literature to support your discussion, using references to support and strengthen the arguments you make.
Part Two: Demonstration
In the second element of the report you are expected to demonstrate how one of the mitigation`s described in the research section affects the exploit process.
This section should be a discussion of the exploit process, showing the effect of the mitigation on a basic exploit, then describing, and discussing the method used to bypass the mitigation.
You are also expected to critically analyze the methods used, with a detailed discussion around its strengths, weaknesses and other factors that can affect the changes of success.