From the course: Threat Modeling: Tampering in Depth
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Libraries
- [Instructor] Code usually depends on libraries, and we rarely think about those libraries as attack vectors. How are libraries loaded? Usually they're loaded from disks. Ah, trustworthy, reliable, local disks. But storage gets modified, libraries on local disks are loaded by package managers. They can be loaded from the web. Each is subject to tampering. Do you see the pattern? When we talk about loading libraries from disk, the code has a load path, which is an ordered list of the directories that will be checked for libraries. The load path will often include the current working directory. If that happens to be Downloads, anyone who downloads a file there with the right extensions and permissions can have it load as a library. This is still a fun attack on Windows. Well, if you're attacking, it's fun. There's also tampering with libraries loaded with a package manager like npm or apt. An attacker, like a systems…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.