Figure 2.3: Visual representation of the stack after a function has been called
Figure 2.4: Overflowing array results in overwriting other items on the stack
Chapter 5: Introduction to Heap Overflows
Figure 5.1: Exploiting the heap
Chapter 6: The Wild World of Windows
Figure 6.1: OllyDbg can show you all the information you need about any DLLs loaded into memory.
Figure 6.2: Using Process Explorer to view tokens in a process. Note the different levels of access between the Administrator token and the user (primary token).
Figure 6.3: OllyDbg nicely shows you how exception handling works in Windows NT.
Chapter 8: Windows Overflows
Figure 8.1: Frame exception handlers in action
Figure 8.2: Overwriting the EXCEPTION_REGISTRATION structure
Figure 8.3: Before and after snapshots of the buffer
Figure 8.4: The stack before and after overflows
Chapter 14: Fault Injection
Figure 14.1: RIOT Fault Injection Model
Chapter 15: The Art of Fuzzing
Figure 15.1: A Screenshot of Ethereal Dissection of X-query
Chapter 18: Tracing for Vulnerabilities
Figure 18.1: Normal Execution Flow of Our Example Vulnerable Program
Figure 18.2: Execution flow of our example vulnerable program after we have modified the import table of the loaded module user32.dll.
Figure 18.3: Execution flow of our example vulnerable program after we have modified the prelude of the function lstrcpynA within the loaded module kernel32.dll.