Tuples(Arrays), Error handling and Secure Programming Lab

Infosec Learning
Virtual Lab

As operating systems have become more secure, attackers have changed their focus to application vulnerabilities. When patch updates are released by vendors to correct a security vulnerability, it is often because the affected application was not written properly in the first place. In this lab, we will explore how a program that works just fine can...

Time
1 hour 30 minutes
Difficulty
Intermediate
Share
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Overview

As operating systems have become more secure, attackers have changed their focus to application vulnerabilities. When patch updates are released by vendors to correct a security vulnerability, it is often because the affected application was not written properly in the first place.

In this lab, we will explore how a program that works just fine can be made to crash through malicious intent. Program crashes often result in denial of service, but under the right (wrong?) conditions, the attacker can gain access to the system with administrator privileges. What many find very troubling is that programmers continue to write code that includes well-known vulnerabilities. We’ll explore using the try/except construct to prevent problems from becoming vulnerabilities.

The variables we have worked with so far store a single value. A variable that can contain more than one value at the same time is called a data structure. We’ll introduce the tuple data structure, which can add enormous capabilities to your programs.