Rust (rustlang) is a strongly typed and safe systems programming language developed by Mozilla. Over the year, it has become the language of choice to build memory-safe programs while maintaining high performance at scale. Usually, Rust is used for files format and protocols parsers but also on critical projects like in the new high-performance browser engine, Servo.
However, coding using memory-safe language doesn’t mean the code will be bugs-free. Different kind of rust security vulnerability like overflows, DoS, UaF, OOB, etc. can still be found and sometime exploited to achieve remote code execution (RCE).
Goal of this course is to give you all the prerequisites to understand which kind of vulnerability can be found inside Rust code. You will learn how to find low hanging fruits bugs manually and automatically using Rust security auditing tools. Finally, you will discover how to build custom Rust fuzzers, triage/debug crashes and improve your code coverage using different techniques.
Along this training, students will deal with a lots of hands-on exercises allowing them to internalize concepts and techniques taught in class.
The first day focuses on code audit and Rust security vulnerability research. Students will first learn which security mechanism are enforced by default in Rust, which vulnerabilities are the most common and how to detect them. Students will have the opportunity to analyze unsafe code and apply much of the theory in practice over small real-life hands-on assignments to highlight aspects of auditing Rust code.
Assignment 1: Rust introduction and security concepts
Assignment 2: Detect most common Rust vulnerabilities
Assignment 3: Auditing unsafe code
Assignment 4: Real-World: Audit popular Rust packages
This second day is more focus on automated Rust vulnerability detection using different fuzzing techniques. Students will first learn how to create Rust fuzz testing harnesses for a given target quickly using coverage-guided fuzzing. They will evaluate the Rust fuzz testing results and analyze crashes using debugging. Students will finally discover other advanced techniques to find in-depth bugs on popular Rust libraries.
Assignment 5: Fuzzing Rust library in less than 5 minutes
Assignment 6: Improve and analyze your fuzzing session
Assignment 7: Applied advanced Rust fuzzing techniques
Assignment 8: Real-World: Fuzzing popular Rust packages
Participants should have some basis with the Rust language and Linux. This course is suitable for people that are new to Rust. All the theory and concepts about Rust security vulnerability research and Rust fuzz testing will be explained during the course.
A working laptop capable of running virtual machines. 4GB RAM required, at a minimum. 40 GB free Hard disk space. Minimum software to install Virtualbox or VMware Player, VMware Workstation, VMware Fusion.