Home / Summaries / Security (Pre-Master 2021-2022) / buffer-escalation-privilege

Software Security

15 important questions on Software Security

What is privilege escalation? How is it obtained?

Obtaining privileges of another user that you don't have.
It is obtained through bugs, a wrong configuration, design flaws...

What two types of privilege escalation exist?

  • Vertical privilege escalation: Elevate the rights to a higher level.
    • How: Buffer overflows, Android rooting, jailbreaking.
    • Goal: Obtain root access.
  • Horizontal privilege escalation: Obtain rights of another user on the same level.
    • How: Session hijacking using scross-site scripting, packet sniffing.

What is a race condition?

An undesirable situation that occurs when a device or system attempts to perform two or more operations at the same time, but because of its nature, the operations must be done in the proper sequence to be done correctly.

It can be a;
  • Software problem: TOCTTOU time-of-check-to-time-of-use or multithreading.  
  • Hardware problem: In Intel, CPUs...
  • Higher grades + faster learning
  • Never study anything twice
  • 100% sure, 100% understanding
Discover Study Smart
Testimonial person
Sophia
Law student
Quotes

For my 1st exam I got a C. Then, I started looking for ways to learn better and I came across Study Smart. Since then I have scored a A+, A, A- and another A. I highly recommend it to everyone who wants to hear it. I am so happy with it!!

Testimonial person
John
Economics Student
Quotes

I was struggling to finish all my first-year subjects for 3 years. Then I discovered Study Smart, which helped me to finish all of them within 3 months.

Testimonial person
Sara
Public Administration Student
Quotes

Because of StudySmart, things are going well in many ways. Before, I always had study stress and no time for anything. Now I feel calm and confident (because of the program). I used to score a B, now I usually score an A or A+.

Testimonial person
Mary
Business Student
Quotes

Hey Chris, I really want to thank you very much for developing the platform, I usually got around C for my exams, now I scored an A+, an A and a A- !!

Testimonial person
Melanie
Psychology Student
Quotes

Since using Study Smart, my average has increased significantly. I even completed a statistics course with a A+ while I'm bad at statistics. I took on extra courses this year, because of Study Smart. Thanks so much!

Testimonial person
Jane
Nursing Studies
Quotes

Ever since I started studying with StudySmart I passed all my exams !!! No more re-sits!! At first, I was happy with a pass and now I only get good grades. Many thanks!

Testimonial person
Rose
Political Science Student
Quotes

I aced all the courses I studied with Study Smart. For law, I first scored a D, and now an A! I’m 100% sure that I’ll pass all the courses I study with Study Smart.

Testimonial person
Tina
Medicine Student
Quotes

I always thought I studied well. My grades were fine. I could never have imagined that applying these study skills would have such a huge and direct impact on my grades, my speed and the pleasure I have in learning.

Testimonial person
Julie
Marketing Student
Quotes

For the first time, I finally feel totally confident about the way I learn. I have the perfect overview and make great progress in terms of speed and the grades I get. Thanks, Chris!

Testimonial person
Matt
Industrial Engineering Student
Quotes

I immediately started to enjoy learning again, and my grades soared. All of a sudden, everything went better. I highly recommend Study Smart to all students..

Testimonial person
Emma
Law Student
Quotes

Being able to create my materials online made the process of studying so much smoother and quicker. I no longer have to spend a huge amount of my time on creating my summaries.

Testimonial person
Michael
Psychology Student
Quotes

At first, my notes were a mess. Now I use Study Smart to take my notes in a perfectly structured way. It helps me to save a lot of time and do other things I enjoy.

Testimonial person
Emily
Teacher
Quotes

Students that study with Study Smart get better grades. The system applies all the learning methods in such a way that both well-performing students and students who struggle perform much better.

Testimonial person
Richard
Literature Student
Quotes

Hi Chris, I would like to thank you very much. Last year I scored C on a course, and this year I got an A+ thanks to your method! Thank you very much!

Testimonial person
Madison
Parent
Quotes

The largest effect is that my child is more enthusiastic about school! Every parent wants their children to be happy at school, Study Smart made it happen.

Testimonial person
Robert
Accountant Student
Quotes

In high school, I failed several exams, and that has really changed now. I actually needed this tool very much back then. Since I started studying with StudySmart, I haven't had any D's. My average score is now an A and those are results I would have never had in the past

Testimonial person
James
Business and Science Student
Quotes

With my old method, I passed only 3 out of 8 courses. Since I started taking my notes digitally in Study Smart, I have passed all my courses on the first try. For me, StudySmart takes away the stress of wondering if I will pass or not.

Testimonial person
Christopher
Veterinarian Student
Quotes

Thanks to StudySmart, I passed all my exams, and with better grades than before! On top of that, I have mastered a very good study method now, which I am confident will help me earn my degree.

For what malicious intent are race conditions used for?

Vertical privilege escalation and denial of service attacks.

What is a buffer overflow?


An error that occurs when a program, while
writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
Buffer contains data that is stored for a short amount of time. E.g. RAM.

What is the most commonly exploited type of security flaw?

Buffer overflows.

What programming languages are particularly vulnerable for buffer overflows? Why?

C and C++

- There is no check that data written to buffer is within the boundaries of
the buffer
- There exist vulnerable functions for manipulating strings: gets(), strcpy()

Name three ways to escalate privileges.

  • Malicious software = Can exploit buffer overflows or unintentional flaws.
  • Row hammer attacks = Row hammer is a vulnerability in DRAM chips that allows attackers to take advantage of devices by repeatedly triggering bit flips in order to modify or corrupt data.
    • Neighboring location can potentially belong to another process with different privileges.
  • SQL injection = Usually occurs when you ask a user for input on a web page (like their username) and instead of a username, the attacker gives you an SQL statement that you will unknowingly run on your database.
    • Attacker can learn/change/destroy existing data or make it unavailable.

What is session fixation?

It is a privilege escalation attack.
It permits an attacker to hijack a valid user session by making the victim click on a link with a fixed session ID known to the attacker.

What is DRM? What is bypassing DRM?

Digital Rights Management (DRM) is the protection of copyrighted works.

Bypassing DRM is a privilege escalation attack.
It is a type of jailbreaking for game consoles that allows the user to break out of the restricted environment and run the attacker's code.

Jailbreak is removing restrictions from a device imposed by the manufacturer or operator to allow the installation of unauthorized software.

What is input validation? Why do we use it?

The proper testing of any input given by a user or application. For example a birth date, email...

We use it to avoid things as buffer overflow or SQL injection. I.e. the input 98764874236492483649247836489236492  or DROP DATABASE users.

What is client-side input validation?

The user input is validated in the user's browser itself.
  • Typically done with Javascript
  • Does not require a round trip to the server so it reduces network traffic and is user friendly

What problem comes with client-side input validation?

The user can:
  • Turn off Javascript.
  • Edit the form before submitting it (using Tampermonkey or other software to run user scripts).
  • Write a script that interacts with the web server instead of using a web browser at all.
This skips the validation!


Even more, the user can send arbitrary values to the server this way. The user can also modify any client-side state.

What is server-side input validation?

User input is validated in the server. You have to do it, regardless of using client-side or not.


For values entered by the user:
  • Always do very careful checks on the values of all fields.
  • These values can potentially contain completely arbitrary data (including accented chars, control chars, etc.) and be of any length.

For client state:
  • Make sure client has not modified the data in any way.
  • Don't send the actual state but maintain a session id.

What is malware? How can it be executed?

Various forms of software written with malicious intent.

It can be executed by:
  • User action
    • Downloading and running malicious software.
    • Viewing a web page containing malicious code.
    • Opening an executable email attachment.
    • Inserting a CD/DVD or USB fash drive.
  • Exploiting an existing flaw in a system.
    • Buffer overfows in network daemons.
    • Buffer overfows in email clients, web browsers, database severs.

The question on the page originate from the summary of the following study material:

Security (Pre-Master 2021-2022)

View summary
  • A unique study and practice tool
  • Never study anything twice again
  • Get the grades you hope for
  • 100% sure, 100% understanding
Remember faster, study better. Scientifically proven.
Trustpilot Logo

Summaries related to Authentication