T

$22–25 registers (Alpha CPU), 303
$26 register (Alpha CPU), 303
$27 register (Alpha CPU), 303
$28 register (Alpha CPU), 303
$29 register (Alpha CPU), 303
$30 register (Alpha CPU), 303
$31 register (Alpha CPU), 303
TAB completion, 430
Tabular Data Stream (TDS) protocol (Microsoft), 510–511
The Tao of Windows Buffer Overflow (article), DilDog, 341
tcpdump packet sniffer, 339
TCPView, 340
t_delete() function (Solaris), 254–256
TDS (Tabular Data Stream) protocol (Microsoft), 510–511
TEB (Thread Environment Block), 184–185
TEB (Thread Environment Block) overflows, 190
testing
exploits, 503–504
shellcode, 53
.text segment, 5
32-bit registers, 43
32-bit Windows API, 106
this pointer, 463–464
Thread Environment Block (TEB), 184–185
Thread Environment Block (TEB) overflows, 190
threading (Linux), 109
threading (Windows)
CreateProcess() function, 110
defined, 109
Environment Block, 150
HRESULT, 109
Thread Local Storage, 120
threads
heap overflows, 502
heartbeat threads, 502
shellcode failures, 502
thread-safe versions of functions, 402
3-Byte Patch (Microsoft SQL Server), 477–481
timing information, 507
timing of fault injection, 359
TlsGetValue() (Windows), 120
TlsSetValue() (Windows), 120
TNS (Transparent Network Substrate) protocol (Oracle), 510
tokens
CreateProcess() function, 116
CreateProcessAsUser() function, 116
current thread token, 114, 116
defined, 114
DuplicateTokenEx() function, 116
impersonating, 115
LogonUser() function, 114
memory, 115
primary token, 114, 116
processes, 114–115
SetThreadToken(token_to__attach) function, 114
tools
CANVAS, 119
Cbrowser, 385
CHAM, 381
CQual, 386
Cscope, 384–385
Ctags, 385
Cygwin, 124
DCE-RPC, 112
debug.exe, 337–338
dumpbin, 149
Emacs editor, 385
Ethereal, 339, 374–375
EVE, 427–428
FaultMon, 361–362
FileMon, 340
fstat, 339
gcc (GNU Compiler Collection), 334
gdb (GNU Debugger), 335
generic fuzzers, 337
Hailstorm, 381
HandleEx, 340
Holodeck, 367
IDA Pro, 452–454
ltrace, 339
MOS-DEF, 336
NASM (Netwide Assembler), 335
NetCat, 338
offset finder, 336–337
OllyDbg, 335, 504
PdbDump, 454
Performance Monitor, 423
Python, 336
RATS, 386
RegMon, 340
sharefuzz, 364–367
SoftICE, 335–336
SPIKE, 112–114, 118, 372–381
Splint, 386
sqlping, 423
strace, 339
tcpdump, 339
TCPView, 340
Vim editor, 385
Visual Assist, 430
Visual C++, 336
Visual Studio, 124
VMWare, 504
VTrace, 342
VulnTrac, 431–448
WinDbg, 335
Windows Performance Monitor, 423
top-down (specific) approach to source code auditing, 387
Tracing activity in Windows NT/2000/XP (article), 342
tracing system calls with strace, 40–41
tracing vulnerabilities
EVE, 427–428
fingerprint systems, 448–449
format string bugs, 449
integer overflows, 449
machine-code auditing, 428
source-code auditing, 428
VulnTrac, 431–448
traditional BP-based stack frames, 455
translating data, 411–412
Transparent Network Substrate (TNS) protocol (Oracle), 510
triggering heap overflows, 88–89
Tru64
non-executable stack, 320–322
rpc.ttdbserver exploit, 322–330
stack overflows, 320–322
versions, 301
vulnerabilities, 301–302
Tru64 shellcode
bind-socket, 319–320
connect-back, 316–317
find-socket, 317–319
setuid(0)+execve, 310–316
XOR decoder, 308–310
Tru64 Unix Assembly Language Programmer's Guide, 302
tunneling DCE-RPC, 113–114
two-factor exploits, 500
TZ_OFFSET overflow (Oracle), 416


The Shellcoder's Handbook. Discovering and Exploiting Security