SHREE LEARNING ACADEMY

Shimming

Shimming refers to the practice of adding supplementary or compensatory code to a system in order to modify its behavior, while keeping the original code intact. To illustrate this concept, imagine a table on an uneven floor that wobbles. In such a scenario, a shim can be inserted under the leg of the table to stabilize it, without having to reconstruct or modify the table itself. The use of a shim can provide a swift solution for modifying the behavior of existing software or firmware code without having to alter the core code base. It can either alter operations on the spot or allow for testing of new options before making any modifications to the underlying code.

As long as a shim is capable of accepting output from a preceding programming object or subroutine and providing suitable input to the receiving element, it can be placed at any point in between the two. The function of a shim is to capture API calls, output, or messages from the initial element, process the obtained data, and then produce output that is compatible with the input of the subsequent element.

Shims are commonly utilized to sustain legacy applications when essential functionalities are no longer supported by the hardware platform. In such cases, the shim serves as a compatibility interface that bridges the gap between the outdated API and the new one.

In addition to their legitimate uses, shims can also be utilized by malicious actors to insert alternative commands into an operating environment, implant hooks for surveillance and manipulation purposes, or gain remote access to and seize control of a target.

Shimming Cases

There have been several documented cases of shimming attacks, here are a few examples:

• In 2019, a group of cybercriminals were found to be using shimming attacks to steal credit card details from point-of-sale (POS) terminals in several U.S. states. The attackers used shims to intercept data between the card readers and the POS software, allowing them to steal credit card information without detection.
• In 2018, researchers discovered a new form of DLL injection attack that used shims to bypass Microsoft's built-in security features. The attackers used shims to inject a malicious DLL into the memory of a legitimate Windows process, allowing them to run their own code with elevated privileges.
• In 2017, security researchers discovered a vulnerability in several widely-used banking apps that could be exploited using a shim. The attackers could use a shim to intercept communication between the app and the bank's servers, allowing them to steal login credentials and carry out fraudulent transactions.
• In 2016, a group of hackers used a shim to bypass the security controls on an online trading platform. The attackers used the shim to intercept user authentication data and gain access to the trading platform, allowing them to carry out unauthorized trades and steal funds.
• In 2015, a group of attackers used a shim to bypass the security controls on a popular social media site. The attackers used the shim to intercept user login credentials and gain access to user accounts, allowing them to carry out a range of malicious activities.

Refactoring

Refactoring involves restructuring or reorganizing software code in a way that does not affect its externally observable behavior or produced outcomes. Its primary goal is to enhance the non-functional aspects of the software, such as quality attributes, non-behavioral requirements, service requirements, or constraints. Refactoring has the potential to enhance the readability of code, reduce complexity, facilitate troubleshooting, and simplify future expansion and extension efforts. It can also streamline internal programmatic logic and eradicate latent or unresolved bugs or weaknesses. When refactoring, the objectives are to uphold the existing external behavior and prevent the introduction of new bugs or flaws.

The aim of refactoring is to simplify the code, eliminate redundancies, and avoid lengthy, monolithic code structures. This is achieved by partitioning the computer code into separate encapsulated elements, modules, objects, or subroutines. Such an approach allows programmers to create code that is easier to test, validate, and modify.Many experts in the field consider refactoring to be a crucial practice for professional programmers.

Refactoring can serve as a technique to address programming shortcuts or rectify inelegant solutions. At times, programmers may use shortcuts to make their code work, instead of crafting a longer and more comprehensive approach. Initially, it may seem acceptable, but as more components of the code rely on the cheat, the overall software becomes increasingly unstable and undependable. This phenomenon is referred to as technical debt, and similar to financial debt, it can accrue interest and pose a risk of making the resulting software insecure or unstable. Through refactoring, a programmer can replace shortcuts with appropriate instructions, allowing for more reliable and thorough modeling or crafting of behaviors.