𝔖 Scriptorium
✦   LIBER   ✦
πŸ“

The Shellcoder's Handbook: Discovering and Exploiting Security Holes

✍ Scribed by Heasman, John; Richarte, Gerardo; Anley, Chris; Lindner, Felix

Publisher
Wiley
Year
2013
Tongue
English
Category
Library
⬇  Acquire This Volume

No coin nor oath required. For personal study only.

✦ Synopsis

UlliThis much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or applicationliNew material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office Β Read more...


Abstract: UlliThis much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or applicationliNew material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and VistaliAlso features the first-ever published information on exploiting Cisco's IOS, with content that has never before been exploredliThe companion Web site features downloadable code files/ul

✦ Table of Contents

Content: ""Title Page""
""Copyright""
""Dedication""
""About the Authors""
""Credits""
""Acknowledgments""
""Introduction to the Second Edition""
""Part I: Introduction to Exploitation: Linux on x86""
""Chapter 1: Before You Begin""
""Basic Concepts""
""Recognizing C and C++ Code Constructs in Assembly""
""Conclusion""
""Chapter 2: Stack Overflows""
""Buffers""
""The Stack""
""Overflowing Buffers on the Stack""
""An Interesting Diversion""
""Using an Exploit to Get Root Privileges""
""Defeating a Non-Executable Stack""
""Conclusion""
""Chapter 3: Shellcode"" ""Understanding System Calls""""Writing Shellcode for the exit() Syscall""
""Injectable Shellcode""
""Spawning a Shell""
""Conclusion""
""Chapter 4: Introduction to Format String Bugs""
""Prerequisites""
""What Is a Format String?""
""What Is a Format String Bug?""
""Format String Exploits""
""Controlling Execution for Exploitation""
""Why Did This Happen?""
""Format String Technique Roundup""
""Conclusion""
""Chapter 5: Introduction to Heap Overflows""
""What Is a Heap?""
""Finding Heap Overflows""
""Conclusion"" ""Part II: Other Platformsâ€"Windows, Solaris, OS/X, and Cisco""""Chapter 6: The Wild World of Windows""
""How Does Windows Differ from Linux?""
""Heaps""
""The Genius and Idiocy of the Distributed Common Object Model and DCE-RPC""
""Debugging Windows""
""Conclusion""
""Chapter 7: Windows Shellcode""
""Syntax and Filters""
""Setting Up""
""Popping a Shell""
""Why You Should Never Pop a Shell on Windows""
""Conclusion""
""Chapter 8: Windows Overflows""
""Stack-Based Buffer Overflows""
""Frame-Based Exception Handlers"" ""Abusing Frame-Based Exception Handling on Windows 2003 Server""""Stack Protection and Windows 2003 Server""
""Heap-Based Buffer Overflows""
""The Process Heap""
""Exploiting Heap-Based Overflows""
""Other Overflows""
""Exploiting Buffer Overflows and Non-Executable Stacks""
""Conclusion""
""Chapter 9: Overcoming Filters""
""Writing Exploits for Use with an Alphanumeric Filter""
""Writing Exploits for Use with a Unicode Filter""
""Exploiting Unicode-Based Vulnerabilities""
""The Venetian Method""
""Decoder and Decoding""
""Conclusion"" ""Chapter 10: Introduction to Solaris Exploitation""""Introduction to the SPARC Architecture""
""Solaris/SPARC Shellcode Basics""
""Solaris/SPARC Stack Frame Introduction""
""Stack-Based Overflow Methodologies""
""Stack Overflow Exploitation In Action""
""Heap-Based Overflows on Solaris/SPARC""
""Basic Exploit Methodology (t_delete)""
""Other Heap-Related Vulnerabilities""
""Heap Overflow Example""
""Other Solaris Exploitation Techniques""
""Conclusion""
""Chapter 11: Advanced Solaris Exploitation""
""Single Stepping the Dynamic Linker""

✦ Subjects

Computers;COMPUTERS;Security;General

πŸ“œ SIMILAR VOLUMES

The Shellcoder's Handbook: Discovering a
πŸ“ The Shellcoder's Handbook: Discovering and Exploiting Security Holes
✍ Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte πŸ“‚ Library πŸ“… 2007 πŸ› Wiley 🌐 English

<ul><li>This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application<li>New material addresses the many new exploitation techniques that have been discovered si

The Shellcoder's Handbook: Discovering a
πŸ“ The Shellcoder's Handbook: Discovering and Exploiting Security Holes
✍ Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte πŸ“‚ Library πŸ“… 2007 πŸ› Wiley 🌐 English

This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application New material addresses the many new exploitation techniques that have been discovered since the fi

The Shellcoder's Handbook: Discovering a
πŸ“ The Shellcoder's Handbook: Discovering and Exploiting Security
✍ Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan "noir" Eren, Neel πŸ“‚ Library πŸ“… 2004 πŸ› Wiley 🌐 English

Stop hackers from wreaking havoc on your software applications and operating systems. This innovative book provides tools to discover vulnerabilities in C-language-based software, exploit what you find, and prevent new security holes from occurring.

The Shellcoder's Handbook: Discovering a
πŸ“ The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition
✍ Chris Anley, John Heasman, Felix Linder, Gerardo Richarte, πŸ“‚ Library πŸ“… 2007 🌐 English

This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or applicationNew material addresses the many new exploitation techniques that have been discovered since the firs

The shellcoder's handbook discovering an
πŸ“ The shellcoder's handbook discovering and exploiting security holes. - Cover title. - Includes index
✍ Anley, Chris πŸ“‚ Library πŸ“… 2007 πŸ› Wiley Pub 🌐 English

This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or applicationNew material addresses the many new exploitation techniques that have been discovered since the firs

The shellcoder's handbook discovering an
πŸ“ The shellcoder's handbook discovering and exploiting security holes. - Cover title. - Includes index
✍ Anley, Chris πŸ“‚ Library πŸ“… 2007 πŸ› Wiley Pub 🌐 English

This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or applicationNew material addresses the many new exploitation techniques that have been discovered since the firs