Skip to content
/ CRATE Public

Containerized Repository of Attacks and Testable Exploits. A set of containerized exploits for testing security hardening measures that I wrote for my 4th year honours project.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

JacobInwald/CRATE

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

96 Commits
completed
completed
 
 
examples
examples
 
 
inprogress
inprogress
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
README.md
README.md
 
 
write-up.pdf
write-up.pdf
 
 

Repository files navigation

Is more better? Evaluating security hardening options in GCC

This is my 4th year honours project from the University of Edinburgh. This project investigates whether combinations of hardening measures create new unintended side effects, such as one causing failure of another, or introducing new vulnerabilities. This projects key contributions and findings include:

  • A repeatable framework for reproducing crowd-sourced exploits. To curate the dataset of exploits, I formulate a framework to ensure that any results are repeatable, and usable for research outside the scope of this project.
  • A curated dataset of exploit-code pairings. I use the framework to create a small dataset of exploit-code pairings, that can be used to test the hypothesis of this project. Moreover, these exploits are robust, meaning that they can be run on a variety of x86-64 machines to achieve similar results.
  • Systemic evaluation of combinations of hardening flags. Two separate approaches are used to evaluate the effectiveness of combinations. Namely, these approaches are benchmarking and case study analysis. Overall, more is better, excepting one possible interaction.
  • Correction of misinformation regarding certain exploits. This project finds inconsistencies in a variety of exploits tested, including errors in the National Vulnerability Database.

Overview

This repository contains the information used for my dissertation, alongside some forks of benchmarks used. The structure is:

  • inprogress: Attempted case studies, but not reproduced.
  • completed: Reproduced case studies from this project.
  • examples: Minimal examples of hardening flags, in the same format as the others.
  • writeup.pdf: My dissertation/write-up

Usage

Exploring the test cases in inprogress, completed and examples is quite simple. All of them have the exact same following commands:

    make build      # Builds the docker image
    make run/zsh    # Opens a zsh prompt in the image
    make run/bash   # Opens a bash prompt in the image
    make clean      # Remove unused images
    make run/demo   # Runs the demo script for each case study

These should be run withing the containing folder of the exploit.

Each other section of the project has a README file in their folder to provide instructions.

Contributions

If this project sounds interesting to you, feel free to get in contact! To add another exploit, simply copy the template found in data/_template and get cracking!

About

Containerized Repository of Attacks and Testable Exploits. A set of containerized exploits for testing security hardening measures that I wrote for my 4th year honours project.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages