Overview
As operating systems have become more secure, attackers have changed their focus to application vulnerabilities. When patch updates are released by vendors to correct a security vulnerability, it is often because the affected application was not written properly in the first place.
In this lab, we will explore how a program that works just fine can be made to crash through malicious intent. Program crashes often result in denial of service, but under the right (wrong?) conditions, the attacker can gain access to the system with administrator privileges. What many find very troubling is that programmers continue to write code that includes well-known vulnerabilities. We’ll explore using the try/except construct to prevent problems from becoming vulnerabilities.
The variables we have worked with so far store a single value. A variable that can contain more than one value at the same time is called a data structure. We’ll introduce the tuple data structure, which can add enormous capabilities to your programs.
outcomes
In this lab, you will learn to:
- Use tuples/arrays data structure.
- Use basic secure programming concepts and input validation.
- Do network programming.