From the course: Threat Modeling: Tampering in Depth
Debuggers and input
From the course: Threat Modeling: Tampering in Depth
Debuggers and input
- [Instructor] There are lots of ways to modify a process. Your job in security is to ensure there's a match between what you intend to authorize and what the system understands you've authorized. One way to modify a process is with a debugger. It's one process under your control changing another process under your control. Sometimes a process has certain privileges that might be the ability to run the software at all under licensing, or maybe the process has a set UIT bit and the invoker will try to modify how those privileges get used. Oftentimes the attack will come in the form of tampering with the environment. Changing the libraries or changing a process' view of the file system. Another way to tamper with a process is to send it random input. Code will often really surprise you when it gets random input, but is that really tampering? After all, the code is doing what it's told. One important part of the way to think about random input is that the code may be out of control. Another part of how to think about random input is that the code wasn't really very precise in the first place. When we're feeding random input to a program, we call it fuzzing. And fuzzing is one important way to ensure the code does what you intend and only what you intend.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.