Applied Information Security : 02 Hacking Systems-Level

Preparation

Systems:

Computer Systems, by Arpaci-Dusseau, Chapter 1 (10 pages)
Operating Systems, by Arpaci-Dusseau, Chapter 4 (8 pages)
Database Systems (SQL Tutorial), SELECT, INSERT, JOIN, UNION (6 pages)

Attacks:

Command Injection (3 pages)
SQL Injection (4 pages)
Buffer Overflow, Overview, up-to-and-including Section 2 (3 pages)
Buffer Overflow (6 pages)

Lecture

Slides
Video (TBA)

Exercise

Exercises

Further Reading

Command Injection Attack (4:22)
Command Cheat Sheet, JSLinux
SQL Injection Attacks, by Computerphile (8:58)
SQL Injection Attack, see video in reading material.
SQL Cheat Sheet, SQL Injection Cheat Sheet, SQL Fiddle
Credentials Stuffing
Buffer Overflow Attacks, by Computerphile (17:29)
Buffer Overflow Attack (12:22)
Buffer Overflow, "Smashing the Stack for Fun and Profit", pages 1-16 (16 pages)
- here is the original in HTML/ASCII typesetting
Another (12 pages, URL broken; here is a backup)
Compiler Explorer (in case you want to play w/ Assembly)