{"id":17183344,"url":"https://github.com/teodutu/tssc","last_synced_at":"2025-03-25T02:39:00.832Z","repository":{"id":121179206,"uuid":"342719563","full_name":"teodutu/TSSC","owner":"teodutu","description":"Testarea Securitatii Sistemelor de Calcul - UPB 2021","archived":false,"fork":false,"pushed_at":"2021-06-19T19:58:45.000Z","size":7043,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-30T03:42:31.494Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/teodutu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-02-26T22:44:49.000Z","updated_at":"2024-06-16T22:51:26.000Z","dependencies_parsed_at":null,"dependency_job_id":"c29921f6-200b-45da-ad4e-7607fe22e293","html_url":"https://github.com/teodutu/TSSC","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teodutu%2FTSSC","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teodutu%2FTSSC/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teodutu%2FTSSC/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teodutu%2FTSSC/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/teodutu","download_url":"https://codeload.github.com/teodutu/TSSC/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245388255,"owners_count":20607146,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-15T00:40:15.716Z","updated_at":"2025-03-25T02:39:00.816Z","avatar_url":"https://github.com/teodutu.png","language":"Jupyter Notebook","funding_links":[],"categories":[],"sub_categories":[],"readme":"# TSSC\nTestarea Securitatii Sistemelor de Calcul - UPB 2021:\nhttps://ocw.cs.pub.ro/courses/isc\n\n\n## Laboratoare\n### Laborator 1 - Generalitati\nChestii introductive, oarecum recapitulative. Nimic complicat, doar cerinta 8\ne prea tractor si prea jegoasa.\n\n### Laborator 2 - Securitate Hardware (SGX)\nSe folosesc cateva functii din API-ul **SGX**:\n- `sgx_read_rand`\n- `sgx_seal_data`\n- `sgx_unseal_data`\npentru a se cripta un mesaj random, care apoi este scris intr-un fisier, citit\nsi decriptat.\n\n### Laborator 3 - Criptografie\nSe experimenteaza metode de decriptarea a *AES*, *RSA*, *OTP* etc folosind\ndiverse informatii fie despre cheii, fie despre mesajele transmise.\n\n### Laborator 4 - Controlul accesului\nFacut doar pe fep pentru ca era nevoie de creat utilizatori, grupuri, basini.\nSe folosesc perimisiuni (printre care si SETUID si SETGIT) + ACL-uri ca sa se\ngestioneze accesul unor utilizatori la diverse directoare si fisiere.\n\n### Laborator 5 - Application Security\nSe face un buffer overflow chior prin care se apeleaza o functie cu un parametru\nsuprascriind EIP-ul.\n\n### Laborator 6 - OS Security\nSe apeleaza un shellcode si se creeaza un mic DOS pentru un server de apache2\ncare ruleaza **intr-un container de docker in plm...**. Interesant e ca serverul\nomoara conexiunea catre scriptul care ruleaza exploitul dupa ceva timp de cand\ni se umple memoria, deci nu-i chiar asa prost.\n\n### Laborator 7 - Network Security\nRahaturi cu `iptables` si un atac *Man in the Middle*. Toate atacurile se fac pe\ndockere. Cam plictisitor labul asta.\n\n### Laborator 8 - Web Security\nIn sfarsit un lab mai ok ca se fac atacuri de*SQL Injection*. In rest tot\nmizerii. Si, bineinteles, labul explicat ca un cur.\n\n### Laborator 9 - Forensics\nCTF-uri pe teme generice, de obicei fisiere cu diverse formate. Printre cele mai\nmisto laburi.\n\n## Laborator 10 - PGP\nComenzi simple de *GPG*: creare, semnare de chei, criptare si semnare de mesaje,\nprecum si decriptare si verificare semnaturi. Facut pe *OpenStack*.\n\n## Laborator 11 - ML Security\nSe foloseste un *ResNet 18* pentru a genera un input care sa fie clasificat\ndrept semnul rutier *STOP*. Un lab usurel, si clar mai interesant decat ala de\nGPG.\n\n\n## Teme\n### Tema 1\nTema contine 3 cerinte: o mizerie de cripto care pana la urma a fost relativ\ninteresanta, un exploit foarte misto al `SETUID` si un buffer overflow banal, ca\nla IOCLA.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fteodutu%2Ftssc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fteodutu%2Ftssc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fteodutu%2Ftssc/lists"}