UNI-FIND

unirc.it

1001900 - Application Security

ID:
1001900
Duration (hours):
48
CFU:
6
SSD:
Data Processing Systems
Located in:
REGGIO DI CALABRIA
Url:
Course Details:
COMPUTER AND TELECOMMUNICATIONS SYSTEMS ENGINEERING / common curriculum, Year: 2
Year:
2025
Overview

Date/time interval

Second Semester Cycle (23/02/2026 - 29/05/2026)

Syllabus

Course Objectives

The course aims to teach:

  • The main vulnerabilities of web applications and the most common attacks, in order to develop secure software
  • The main techniques used to exploit such vulnerabilities (penetration testing)
  • The main buffer overflow techniques and their mitigations



Course Prerequisites

It is important that the student has knowledge of the following topics (in parentheses, the courses in which they were covered):

- Basic elements of programming (Fundamentals of Computer Science)

- Basic notions of memory allocation for running processes (Operating Systems)

- Basic elements of web security (Cybersecurity)

Relevant topics will be reviewed during the lectures.


Teaching Methods

The course consists of lectures integrated with computer-based practical exercises. During each class, the main theoretical concepts are introduced and are immediately followed by hands-on computer activities aimed at applying and reinforcing the knowledge acquired.

Overall, the course includes approximately 18 hours dedicated to theoretical instruction and 30 hours of practical computer-based exercises, during which students apply the presented techniques through guided exercises and activities focused on the analysis of vulnerabilities in applications.


Assessment Methods

The assessment consists of a practical exam (duration: 1 hour) and an oral examination, corresponding to the two modules of the course.

During the practical exam, students will be required to identify and exploit vulnerabilities in specially prepared web applications. At the end of the exercise, they must produce a technical report describing the vulnerabilities discovered, the techniques used to exploit them, their impact on system security, and possible mitigation strategies.

The oral examination aims to discuss the report produced during the practical exam and to verify the student’s understanding of the theoretical concepts covered during the course, with particular reference to common web application vulnerabilities, exploitation techniques, and defense mechanisms. During the discussion, students will also be evaluated on their ability to critically analyze the techniques used and justify the adopted solutions.

The final evaluation will consider the technical correctness of the solutions, the understanding of theoretical concepts, the ability to apply the studied techniques, and the clarity and rigor of the presentation and analysis.

Evaluation Criteria

30 – 30 with honors (Excellent)

The student demonstrates a complete and detailed knowledge of the topics covered, using appropriate terminology and accurately explaining the main concepts of web application security and exploitation. The student shows an in-depth understanding of the analyzed vulnerabilities and of attack and mitigation techniques. They are able to confidently apply the acquired knowledge, exploit complex vulnerabilities, critically analyze the obtained results, and justify the technical choices made. The presentation is clear, rigorous, and well structured.

28 – 29 (Very Good)

The student demonstrates a thorough knowledge of the subject and a solid understanding of the main web application vulnerabilities and exploitation techniques. They are able to correctly apply the studied techniques and analyze the results obtained during the practical exam. The presentation is clear and well organized, although minor inaccuracies or limited depth of analysis may be present.

25 – 27 (Good)

The student has a good knowledge of the main topics of the course and is able to apply basic techniques for identifying and exploiting vulnerabilities. Key concepts of web application security are understood, although they may not always be explained with full precision or completeness. The presentation is generally clear, although sometimes schematic or not fully developed.

22 – 24 (Fair)

The student demonstrates an overall adequate knowledge of the topics covered, although with some gaps or uncertainties. They are able to identify and exploit basic vulnerabilities and discuss the obtained results, although with limited autonomy or some technical inaccuracies. The presentation is correct but not always fully structured.

18 – 21 (Satisfactory)

The student demonstrates an essential knowledge of the fundamental concepts of web application security and the exploitation techniques covered during the course. They are able to address basic exercises related to the identification of web vulnerabilities or simple buffer overflow scenarios, although with some difficulties in applying the techniques and presenting the results.

Fail

The student does not demonstrate an adequate knowledge of the fundamental topics of the course. The practical and/or oral exam reveals significant errors, major gaps, or an inability to correctly apply vulnerability analysis and exploitation techniques, and therefore the minimum requirements to pass the exam are not met.


Texts

- Slides

- Exercise handouts

- Recommended websites for each topic


Contents

Course program

The course is divided into two modules: Web Security (Web Hacking) and Software Security (Binary Exploitation).

Module 1: Web Security (Web Hacking) (4 CFU)

This module focuses on the main vulnerabilities of web applications. The topics covered include:

(1 CFU)

Bruteforce, SQL Injection – Union Based, SQL Injection – Error Based, SQL Injection – Blind (Time-Based), SQL Injection – Blind (Boolean-Based)

(1 CFU)

Introduction to Docker, Burp Suite, sqlmap, OS Command Injection, Unrestricted File Upload

(1 CFU)

Reflected Cross-Site Scripting, Stored Cross-Site Scripting, DOM-Based Cross-Site Scripting, File Inclusion, Session Issues

(1 CFU)

Insecure Direct Object Reference (IDOR), Missing Functional Level Access Control, XML External Entity (XXE), Server-Side Template Injection, Content Security Policy (CSP), Insecure Deserialization

Module 2: Software Security (Binary Exploitation) (2 CFU)

This module introduces the concepts needed to exploit vulnerabilities in binary programs. Topics include:

(0.5 CFU)

- Fundamentals of Architecture and Low-Level Programming: Assembly language for 32-bit Intel architecture, CPU registers and their usage, the stack and memory areas of a running process, calling conventions, and the compilation process of a program written in C.

(1.5 CFU)

- Stack Buffer Overflow: Basic concepts of stack overflow, EIP overwrite and control of execution flow, shellcode injection, ret2libc, mitigations and countermeasures.

Expected Results

Knowledge and understanding

Students will acquire in-depth knowledge of the main vulnerabilities of web applications and software and how to mitigate them. They will understand the main attack models in the web and binary exploitation fields. They will learn about the penetration testing methodologies and tools used to identify and analyze security vulnerabilities.

Ability to apply knowledge and understanding

Students will be able to identify, analyze, and exploit vulnerabilities in web and software applications in a controlled manner. They will also know how to implement appropriate countermeasures to mitigate the vulnerabilities identified.

Autonomy of judgment

Students develop the ability to critically assess the security level of a vulnerability, identifying its risks and potential impacts. They are able to independently choose the most appropriate analysis tools and methodologies for the application context and to evaluate the effectiveness of the mitigation techniques adopted.

Communication skills

Students are able to document identified vulnerabilities in a clear and structured manner, drafting technical security reports. They know how to effectively communicate security issues to both technical and non-technical audiences, adapting the level of detail and language to the recipient.

Learning skills

Students develop the ability to keep themselves up to date with the latest threats and attack techniques by consulting technical documentation, security advisories, and new vulnerabilities. They are able to independently explore new security analysis tools and methodologies, adapting to the constantly evolving cybersecurity landscape.


More information

Teams code: x17tmed

I invite students to join the Team to access the teaching materials.


Degrees

Degrees

COMPUTER AND TELECOMMUNICATIONS SYSTEMS ENGINEERING
Two-year Master's Degrees
2 years

People

People (2)

LAZZARO SARA
Teaching staff
Russo Paolo
Teaching staff

Other

Main module

Application Security