Part I: Introduction to Shellcoding

Chapter List

Part Overview

The monstrous complexity of contemporary computer systems inevitably results in design and implementation errors, most of which allow malicious users to gain control of the remote host or damage it. Such errors are known as holes or vulnerabilities .

The world of security holes is many-sided and manifold : These are debug holes, weak authentication mechanisms, functionally redundant interpretation of the user input, incorrect arguments check, etc. Classification of holes is fuzzy, full of internal contradictions and difficult (at any rate, holes are still waiting for their Carolus Linnaeus), and techniques of searching and exploiting them are currently impossible to generalize. Each case requires a creative approach. It would be nave to hope that a single publication could describe the entire range of holes. Therefore, it is best to concentrate on one particular type of error buffer overflow errors , the most important, promising , and prospective area of research.

The first part of the book will consider theoretical abstractions. In the second part, more practical issues will be considered , ones related to practical implementation of exploits and countermeasures that should be taken. However, don't expect me to explain to you what the stack and memory addresses are and where they come from. This book is intended for professionals who know Assembly language and have mastered such high-level programming languages as C/C++. It is assumed that you already know how buffer overflow occurs and would like to become acquainted with the full list of possibilities provided by buffers subject to overflow. What are the goals of the attacker? According to what principle are the preferred targets of attack chosen ?

An attempt at learning the particulars of this problem, which at first glance seems rather boring and unpretentious, admits you to a world full of adventures and intrigues. Gaining control over the system by causing buffer overflow is a difficult engineering task that requires you to be creative and generate nontrivial ideas. Furthermore, you must be armed with an excellent toolset, because the code sent to the remote host for execution must run in an aggressive environment, which doesn't ensure even the lowest level of vital functioning.