Hands-on practice is an efficient way for penetration testers to gain in-depth knowledge of a certain skill or technology. Providing hands-on practice requires setting up an environment for test and training purposes. Setting up a test environment manually can be time-consuming and very frustrating. This is caused by long installation processes and configuration procedures. Besides that, setting up big test environments can be expensive due to the necessary infrastructure or computational power.
Being introduced first in Linux kernel version 2.4.19 in 2002, namespaces define groups of processes that share a common view regarding specific system resources. This ultimately isolates the view on a system resource a group of processes may have, meaning that a process can for instance have its own hostname while the real hostname of the system may have an entirely different value.
This is the first part of a three part series about power analysis based software reverse engineering. It is part of our work in the SecForCARs project and the bachelor thesis ‘Poweranalyse basiertes Software Reverse Engineering mit Hilfe von Fuzzing’. The results will be summarized in this blogpost series. In this first part the goals of the research and the power analysis template extraction process are presented.