are text only data formats safe
play

Are Text-Only Data Formats Safe? Stephen Checkoway, Hovav Shacham, - PowerPoint PPT Presentation

Dec 01, 2023 •157 likes •333 views

Are Text-Only Data Formats Safe? Stephen Checkoway, Hovav Shacham, Eric Rescorla Tuesday, April 27, 2010 1 Intuitive data-safety scale Unsafe Safe ASCII Text Executables Media Web Applications Documents Tuesday, April 27, 2010 2 T EX

  1. Are Text-Only Data Formats Safe? Stephen Checkoway, Hovav Shacham, Eric Rescorla Tuesday, April 27, 2010 1

  2. Intuitive data-safety scale Unsafe Safe ASCII Text Executables Media Web Applications Documents Tuesday, April 27, 2010 2

  3. T EX ‣ Document preparation language ‣ 7-bit ASCII text ‣ Understands boxes and glue boxes and glue ‣ Makes pretty equations H ( x, y ) log H ( x, y ) � D ( H � R ) = R ( x, y ) x,y ∈X Tuesday, April 27, 2010 3

  4. How we use T X E T EX Tuesday, April 27, 2010 4

  5. Intuitive data-safety scale Unsafe Safe ASCII Text Executables Media T X Web Applications Documents E Tuesday, April 27, 2010 5

  6. More T X E ‣ Turing-complete, macro language: \def ‣ Read/write files: \read , \write ‣ Extremely malleable syntax: \catcode Tuesday, April 27, 2010 6

  7. Taking control with T X E Operating Distribution How System Write to Startup Write to web T EX Live directory Tuesday, April 27, 2010 7

  8. A T L X virus lifecycle E ‣ Compile sploit.tex ‣ C:\DOCUME~1\ADMINI~1\STARTM~1 \PROGRAMS\STARTUP\sploit.js ‣ Restart computer ‣ sploit.js finds .tex files; inserts the virus Tuesday, April 27, 2010 8

  9. Data exfiltration ‣ Read sensitive files ‣ \input , \include ‣ \read , \readline ‣ Typeset data in output PDF Tuesday, April 27, 2010 9

  10. Input filtering ‣ Filter out dangerous control sequences ‣ Math mode Tuesday, April 27, 2010 10

  11. T EXniques to bypass filters ‣ Macros like \input ‣ \@input , \@iinput , \@input@ , \@@input ‣ \lstinputlisting , \verbatiminput ‣ Bypass filters ‣ \csname , \begin , ^^xy , \catcode ‣ Escape math mode ‣ \end{eqnarray} , \end{align} Tuesday, April 27, 2010 11

  12. Tuesday, April 27, 2010 12

  13. T X’s malleability E ‣ Category codes control functionality ‣ Can be changed by \catcode \catcode`Z=0 ZTeX Tuesday, April 27, 2010 13

  14. An example: xii.tex By David Carlisle \let~\catcode~`76~`A13~`F1~`j00~`P2jdefA71F~`7113jdefPALLF PA''FwPA;;FPAZZFLaLPA//71F71iPAHHFLPAzzFenPASSFthP;A$$FevP A@@FfPARR717273F737271P;ADDFRgniPAWW71FPATTFvePA**FstRsamP AGGFRruoPAqq71.72.F717271PAYY7172F727171PA??Fi*LmPA&&71jfi Fjfi71PAVVFjbigskipRPWGAUU71727374 75,76Fjpar71727375Djifx :76jelse&U76jfiPLAKK7172F71l7271PAXX71FVLnOSeL71SLRyadR@oL RrhC?yLRurtKFeLPFovPgaTLtReRomL;PABB71 72,73:Fjif.73.jelse B73:jfiXF71PU71 72,73:PWs;AMM71F71diPAJJFRdriPAQQFRsreLPAI I71Fo71dPA!!FRgiePBt'el@ lTLqdrYmu.Q.,Ke;vz vzLqpip.Q.,tz; ;Lql.IrsZ.eap,qn.i. i.eLlMaesLdRcna,;!;h htLqm.MRasZ.ilk,% s$;z zLqs'.ansZ.Ymi,/sx ;LYegseZRyal,@i;@ TLRlogdLrDsW,@;G LcYlaDLbJsW,SWXJW ree @rzchLhzsW,;WERcesInW qt.'oL.Rtrul;e doTsW,Wk;Rri@stW aHAHHFndZPpqar.tridgeLinZpe.LtYer.W,:jbye Tuesday, April 27, 2010 14

  15. Conclusions ‣ Binary/text distinction not a good classifier ‣ Arbitrary code execution ‣ Exfiltrate sensitive data Tuesday, April 27, 2010 15

  16. Questions? Owning people through a typesetting language; it seems unsporting, somehow. – Keaton Mowery Tuesday, April 27, 2010 16

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Requesting data from Entrez in different formats We can request data as text or as XML We can

Requesting data from Entrez in different formats We can request data as text or as XML We can

Requesting data from Entrez in different formats We can request data as text or as XML We can request data as text or as XML handle = Entrez.efetch(db="nucleotide", id="KT220438", rettype="gb", \

317 views • 18 slides
CSE 154 LECTURE 23: XML Storing structured data in arbitrary text formats (bad) My note: BEGIN

CSE 154 LECTURE 23: XML Storing structured data in arbitrary text formats (bad) My note: BEGIN

CSE 154 LECTURE 23: XML Storing structured data in arbitrary text formats (bad) My note: BEGIN FROM: Alice Smith (alice@example.com) TO: Robert Jones (roberto@example.com) SUBJECT: Tomorrow's "Birthday Bash" event! MESSAGE

718 views • 18 slides
CSE 154 LECTURE 23: XML Storing structured data in arbitrary text formats (bad) My note: BEGIN

CSE 154 LECTURE 23: XML Storing structured data in arbitrary text formats (bad) My note: BEGIN

CSE 154 LECTURE 23: XML Storing structured data in arbitrary text formats (bad) My note: BEGIN FROM: Alice Smith (alice@example.com) TO: Robert Jones (roberto@example.com) SUBJECT: Tomorrow's "Birthday Bash" event! MESSAGE

675 views • 22 slides
Data Exchange Formats Data Manipulation in Python 1 / 7 Data Exchange Formats XML A

Data Exchange Formats Data Manipulation in Python 1 / 7 Data Exchange Formats XML A

Data Exchange Formats Data Manipulation in Python 1 / 7 Data Exchange Formats XML A verbose textual representation of trees JSON JavaScript Object notation like a Python dict 2 / 7 XML Format people.xml: <?xml

75 views • 7 slides
1 2 This demonstration is aimed at anyone with lots of text, unstructured or multi- format data

1 2 This demonstration is aimed at anyone with lots of text, unstructured or multi- format data

1 2 This demonstration is aimed at anyone with lots of text, unstructured or multi- format data to analyse. This could be lots of Word, PDF and text file formats or in various databases or spreadsheets, maybe loaded with acronyms and

520 views • 30 slides
DHE/DHC Data Formats v. 0.4.38 May 6, 2015 Contents 1 DHP Data Formats[1] 2 1.1 Frame

DHE/DHC Data Formats v. 0.4.38 May 6, 2015 Contents 1 DHP Data Formats[1] 2 1.1 Frame

DHE/DHC Data Formats v. 0.4.38 May 6, 2015 Contents 1 DHP Data Formats[1] 2 1.1 Frame Header . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.2 Zero Suppressed Format . . . . . . . . . . . . . . . . . . . . . . 2 1.3 Raw

481 views • 16 slides
Working with text xt file formats CSV, JSON, XML, Excel regular expressions module

Working with text xt file formats CSV, JSON, XML, Excel regular expressions module

Working with text xt file formats CSV, JSON, XML, Excel regular expressions module re, finditer Some fi file formats File extension Content File extension Description .html HyperText Markup Language .exe Windows executable

413 views • 23 slides
Working with text xt file formats CSV, JSON, XML, Excel regular expressions module

Working with text xt file formats CSV, JSON, XML, Excel regular expressions module

Working with text xt file formats CSV, JSON, XML, Excel regular expressions module re, finditer Some fi file formats File extension Content File extension Description .html HyperText Markup Language .exe Windows executable

578 views • 15 slides
Sequence File Formats Sequence File Formats Different formats for different uses

Sequence File Formats Sequence File Formats Different formats for different uses

Sequence File Formats Sequence File Formats Different formats for different uses Competing formats developed in parallel Some easy to read, some easy to write programs Dont have to stick to these formats, but parsers

210 views • 18 slides
Text Mining Text Mining Web pages Emails Technical documents Corporate documents

Text Mining Text Mining Web pages Emails Technical documents Corporate documents

Motivation for Text Mining Motivation for Text Mining Approximately 90% of the Worlds data is held in unstructured formats Text Mining Text Mining Web pages Emails Technical documents Corporate documents Books

456 views • 9 slides
Storage Formats Storage Formats 1 1 Overview We covered storage of unstructured files in HDFS

Storage Formats Storage Formats 1 1 Overview We covered storage of unstructured files in HDFS

Storage Formats Storage Formats 1 1 Overview We covered storage of unstructured files in HDFS Partition into blocks Replicate to data nodes HDFS treats each file as a stream of data, i.e., it is data agnostic This lecture covers an

596 views • 25 slides
CSE 154 LECTURE 9: FORMS Web data most interesting web pages revolve around data

CSE 154 LECTURE 9: FORMS Web data most interesting web pages revolve around data

CSE 154 LECTURE 9: FORMS Web data most interesting web pages revolve around data examples: Google, IMDB, Digg, Facebook, YouTube, Rotten Tomatoes can take many formats: text, HTML, XML, multimedia many of them allow us to

557 views • 21 slides
CSE 154 LECTURE 8: FORMS Web data most interesting web pages revolve around data

CSE 154 LECTURE 8: FORMS Web data most interesting web pages revolve around data

CSE 154 LECTURE 8: FORMS Web data most interesting web pages revolve around data examples: Google, IMDB, Digg, Facebook, YouTube, Rotten Tomatoes can take many formats: text, HTML, XML, multimedia many of them allow us to

870 views • 18 slides
Form Basics 1 CS380 Web Data 2 Most interesting web pages revolve around data

Form Basics 1 CS380 Web Data 2 Most interesting web pages revolve around data

Form Basics 1 CS380 Web Data 2 Most interesting web pages revolve around data examples: Google, IMDB, Digg, Facebook, YouTube, Rotten Tomatoes can take many formats: text, HTML, XML, multimedia Many of them allow us to access

322 views • 17 slides
CS145: INTRODUCTION TO DATA MINING Text Data: Topic Model Instructor: Yizhou Sun

CS145: INTRODUCTION TO DATA MINING Text Data: Topic Model Instructor: Yizhou Sun

CS145: INTRODUCTION TO DATA MINING Text Data: Topic Model Instructor: Yizhou Sun yzsun@cs.ucla.edu December 4, 2017 Methods to be Learnt Vector Data Set Data Sequence Data Text Data Logistic Regression; Nave Bayes for Text

418 views • 30 slides
Validity of SAFE Item Development Pilot testing of Response Generation 40 patients formats

Validity of SAFE Item Development Pilot testing of Response Generation 40 patients formats

Validity of SAFE Item Development Pilot testing of Response Generation 40 patients formats (13 items) Body Caricatures Development & Face Facial Expressions Shape Gradients Subathra Jeyaram 1 , Surendran Veeraiah 1 & Vidhubala

501 views • 3 slides
Outline Introduction Malicious Code Viruses CS 236 Trojan horses Computer

Outline Introduction Malicious Code Viruses CS 236 Trojan horses Computer

Outline Introduction Malicious Code Viruses CS 236 Trojan horses Computer Security Trap doors March 14, 2007 Logic bombs Worms Examples Lecture 15 Lecture 15 Page 1 Page 2 CS 236, Winter 2007 CS 236,

341 views • 12 slides
Adrian Pagan The Objective The paper wants to make a choice between two micro pricing models

Adrian Pagan The Objective The paper wants to make a choice between two micro pricing models

Adrian Pagan The Objective The paper wants to make a choice between two micro pricing models - menu cost and Calvo Use evidence on this that doesnt just doesnt come from micro data A challenge for traditional menu cost models is

198 views • 9 slides
Programming for Engineers Multiple Source Files ICEN 200 Spring 2018 Prof. Dola Saha 1 C

Programming for Engineers Multiple Source Files ICEN 200 Spring 2018 Prof. Dola Saha 1 C

Programming for Engineers Multiple Source Files ICEN 200 Spring 2018 Prof. Dola Saha 1 C Source Files A C program may be divided among any number of source files. By convention, source files have the extension .c . Each source

559 views • 12 slides
Standard Cell Library/Library Exchange Format (LEF) Advanced VLSI Design CMPE 641 Library

Standard Cell Library/Library Exchange Format (LEF) Advanced VLSI Design CMPE 641 Library

Standard Cell Library/Library Exchange Format (LEF) Advanced VLSI Design CMPE 641 Library Exchange Format (LEF) An ASCII data format, used to describe a standard cell library Includes the design rules for routing and the Abstract of the cells,

457 views • 10 slides
Input data IN TRODUCTION TO TEN S ORF LOW IN P YTH ON Isaiah Hull Economist INTRODUCTION TO

Input data IN TRODUCTION TO TEN S ORF LOW IN P YTH ON Isaiah Hull Economist INTRODUCTION TO

Input data IN TRODUCTION TO TEN S ORF LOW IN P YTH ON Isaiah Hull Economist INTRODUCTION TO TENSORFLOW IN PYTHON Importing data for use in TensorFlow Data can be imported using tensorflow Useful for managing complex pipelines Not necessary

432 views • 32 slides
Motion Aftereffects Without Motion: Engaging the Human Motion Perception System With Still

Motion Aftereffects Without Motion: Engaging the Human Motion Perception System With Still

Motion Aftereffects Without Motion: Engaging the Human Motion Perception System With Still Photographs Jonathan Winawer Stanford University None of these images contain motion Yet, some images have more motion than others 1 Were the two

579 views • 15 slides
Fannie Mae and Freddie Macs Duty to Serve the Manufactured Housing Market: An Update for 2019

Fannie Mae and Freddie Macs Duty to Serve the Manufactured Housing Market: An Update for 2019

Fannie Mae and Freddie Macs Duty to Serve the Manufactured Housing Market: An Update for 2019 February 26, 2019 2:30 4:00 PM EST Welcome Ju Justin Chu Senior Program Associate, Field Engagement Prosperity Now Housekeeping This

740 views • 25 slides
Cost estimation result consistency: Implications for SBSE Marc Roper Sukumar Letchmunan Murray

Cost estimation result consistency: Implications for SBSE Marc Roper Sukumar Letchmunan Murray

Cost estimation result consistency: Implications for SBSE Marc Roper Sukumar Letchmunan Murray Wood Dept. Computer and Information Sciences University of Strathclyde Cost Estimation Given a project with various parameters: P(X 1 , X 2 , ...

327 views • 16 slides

More recommend