O

P

packaged shellcode, 501
packet sniffers
Ethereal, 339
tcpdump, 339
Packetstorm packaged shellcodes, 501
padding instructions (Solaris), 222–223
padding with NOPs, 27
PAL (Privileged Architecture Library) instructions, 308
PAL_callsys instruction (Alpha), 305
PAL_callsys PALcode instruction (Alpha), 308
PALcodes (Alpha CPU), 308
PAL_imb instruction (Alpha), 305
paper archives, 343
papers and articles
Advances in Format String Exploitation, 342
The Art of Writing Shellcode, 341
Basic Integer Overflows, 342
Bypassing MSB Data Filters for Buffer Overflows, 197–198
Bypassing Stackguard and StackShield Protection, 341
Creating Arbitrary Shellcode in Unicode Expanded Strings, 201–202, 342
Exploiting Format String Vulnerabilities, 342
Exploiting Windows NT 4 Buffer Overruns, 341
Format String Attacks, 342
Hacking the Linux Kernel Network Stack, 343
HackProofing Oracle Application Server, 407–408
.ida Code Red Worm analysis, 343
Interception of Win32 API Calls, 342
Intrusion Detection with Snort, 289
Non-Stack Based Exploitation of Buffer Overrun Vulnerabilities on Windows NT/2000/XP, 341
Once upon a free(), 254, 342
Problems with Msktemp(), 402
Smashing the Stack for Fun and Profit, 11, 340
The Tao of Windows Buffer Overflow, 341
Tracing activity in Windows NT/2000/XP, 342
Using Environment for Returning into Lib C, 341
Using Programmer-Written Compiler Extensions to Catch Security Holes, 530
Violating Database Security Mechanisms, 476
Vivisection of an Exploit Development Process, 341
Vudo malloc Tricks, 342
Win32 Buffer Overflows: Location, Exploitation and Prevention, 341
Writing [a] Linux Kernel Keylogger, 343
Writing ia32 Alphanumeric Shellcodes, 342
w00w00 on Heap Overflows, 341
PA/RISC reference manuals (HP), 334
patches
Code Red worm, 484
GPG 1.2.2 Randomness Patch, 485–486
Microsoft SQL Server 3-Byte Patch, 477–481
MySQL 1-Bit Patch, 481–483
OpenSSH RSA Authentication Patch, 483–484
random number generators, 484–485
p_cred (credentials of the process), 560–561
PDB files, 454
PdbDump, 454
PEB (Process Environment Block), 134–135
PEB (Process Environment Block) overflows, 190
PE-COFF (portable executable) files
export table, 107
import table, 107
PE loader, 107–108
portability, 107
Relative Virtual Address (RVA), 107–108
.reloc section, 107
relocatability, 107
symbol packs, 108
Performance Monitor, 423
Permeh, Ryan, ".ida Code Red Worm analysis" (paper), 343
PHP http://filename behavior, 413
Phrack magazine articles
Advances in Format String Exploitation, 342
Basic Integer Overflows, 342
Hacking the Linux Kernel Network Stack, 343
Once upon a free(), 254, 342
Smashing the Stack for Fun and Profit, 11, 340
Vudo malloc Tricks, 342
Win32 Buffer Overflows: Location, Exploitation and Prevention, 341
Writing [a] Linux Kernel Keylogger, 343
Writing ia32 Alphanumeric Shellcodes, 342
PIC (Position Independent Code), 127
placeholders, 50–51
PLT (Procedure Linkage Table), 270–271
POC (Proof of Concept), 4
POP ESI instruction, 49–50
POP instruction (stack), 14–15
popen() attacks, 114
popping shellcode in Windows, 147–148
portable executable (PE-COFF) files
export table, 107
import table, 107
PE loader, 107–108
portability, 107
Relative Virtual Address (RVA), 107–108
.reloc section, 107
relocatability, 107
symbol packs, 108
Position Independent Code (PIC), 127
prelude hooking, 438–439
prescan function (Sendmail), 399
primary token, 114, 116
printf function format string bug, 57–62
printing system calls, 40–41
priocntl system call (Solaris), 537
priocntl() vulnerability (Solaris), 537–538
Privileged Architecture Library (PAL) instructions, 308
privilege-related shellcode failures, 501–502
Problems with Msktemp() (article), Michal Zalewski, 402
Procedure Linkage Table (PLT), 270–271
process descriptor lookup methods
stack lookup, 558
sysctl system call, 558–560
Process Environment Block (PEB), 134–135
Process Environment Block (PEB) overflows, 190
process heap, 167
processes
calling into a function on a remote host, 411
calling into an external, dynamically loaded library, 410–411
calling into an external process on the same host, 410
creating in Linux, 44–45
tokens, 114–115
processors
Alpha CPU
calling conventions, 305–306
frame pointer, 303
GetPC code, 306–308
instruction set, 303–305
longword size memory references, 302
memory references, 302
PALcodes, 308
Privileged Architecture Library (PAL) instructions, 308
quadword size memory references, 302
registers, 301–303
stack frame, 305
stack overflows, 320–322
stack pointer, 303
system calls, 308
word size memory references, 302
SPARC processor
delay slot, 219
frame pointer, 218
register windows, 216, 219, 224–225
registers, 216–219, 225–226
Professional Source Code Auditing (speech), 396
ProFI fault injection system, 349
proglets, 486
program counter, 306
prologue hooking, 439
Proof of Concept (POC), 4
protecting against heap overflows, 86–87
protection schemes, 431
protocols
state-based, 360
stateless, 360
protocol-specific fuzzers, 371
ps Unix command, 289
PUSH instruction (stack), 14
Python, 336


The Shellcoder's Handbook. Discovering and Exploiting Security