Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)
Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)
ISBN: N/A
EAN: 2147483647
EAN: 2147483647
Year: 2003
Pages: 198
Pages: 198
Authors: Neal Krawetz
- The Shellcoder s Handbook: Discovering and Exploiting Security
- Back Cover
- About
- Part 1: Introduction to Exploitation: Linux on x86
- Chapter 1: Before You Begin
- Basic Concepts
- Recognizing C Code Constructs in Assembly
- Conclusion
- Chapter 2: Stack Overflows
- Buffers
- The Stack
- Overflowing Buffers on the Stack
- Using an Exploit to Get Root Privileges
- Defeating a Non-Executable Stack
- Conclusion
- Chapter 3: Shellcode
- Understanding System Calls
- Writing Shellcode for the exit() Syscall
- Injectable Shellcode
- Spawning a Shell
- Conclusion
- Chapter 4: Introduction to Format String Bugs
- Prerequisites
- What Is a Format String?
- What Is a Format String Bug?
- Format String Exploits
- Controlling Execution for Exploitation
- Why Did This Happen?
- Format String Technique Roundup
- Conclusion
- Chapter 5: Introduction to Heap Overflows
- What Is a Heap?
- Finding Heap Overflows
- Conclusion
- Part 2: Exploiting More Platforms: Windows, Solaris, and Tru64
- Chapter 6: The Wild World of Windows
- How Does Windows Differ from Linux?
- Heaps
- The Genius and Idiocy of the Distributed Common Object Model and DCE-RPC
- Debugging Windows
- Conclusion
- Chapter 7: Windows Shellcode
- Setting Up
- Parsing the PEB
- Searching with Windows Exception Handling
- Popping a Shell
- Conclusion
- Chapter 8: Windows Overflows
- Stack-Based Buffer Overflows
- Stack Protection and Windows 2003 Server
- Heap-Based Buffer Overflows
- Exploiting Heap-Based Overflows
- Other Overflows
- Exploiting Buffer Overflows and Non-Executable Stacks
- Conclusion
- Chapter 9: Overcoming Filters
- Writing Exploits for Use with an Alphanumeric Filter
- Writing Exploits for Use with a Unicode Filter
- Exploiting Unicode-Based Vulnerabilities
- The Venetian Method
- Decoder and Decoding
- Conclusion
- Chapter 10: Introduction to Solaris Exploitation
- Introduction to the SPARC Architecture
- SolarisSPARC Shellcode Basics
- SolarisSPARC Stack Frame Introduction
- Stack-Based Overflow Methodologies
- Stack Overflow Exploitation In Action
- Heap-Based Overflows on SolarisSPARC
- Basic Exploit Methodology (t_delete)
- Other Heap-Related Vulnerabilities
- Heap Overflow Example
- Other Solaris Exploitation Techniques
- Conclusion
- Chapter 11: Advanced Solaris Exploitation
- Single Stepping the Dynamic Linker
- Various Style Tricks for Solaris SPARC Heap Overflows
- Advanced SolarisSPARC Shellcode
- Conclusion
- Chapter 12: HP Tru64 Unix Exploitation
- The Alpha Architecture
- Retrieving the Program Counter (GetPC)
- System Call Invocation
- XOR Decoder for Shellcode
- .end main setuid execve Shellcode
- Connect-Back Shellcode
- Find-Socket Shellcode
- Bind-Socket Shellcode
- Stack Overflow Exploitation
- Exploiting rpc.ttdbserver
- Conclusion
- Part 3: Vulnerability Discovery
- Chapter 13: Establishing a Working Environment
- Conclusion
- What You Need for Reference
- What You Need for Code
- What You Need for Investigation
- What You Need to Know
- Optimizing Shellcode Development
- Chapter 14: Fault Injection
- Design Overview
- Fault Monitoring
- Putting It Together
- Conclusion
- Chapter 15: The Art of Fuzzing
- General Theory of Fuzzing
- Weaknesses in Fuzzers
- Modeling Arbitrary Network Protocols
- Other Fuzzer Possibilities
- SPIKE
- Other Fuzzers
- Conclusion
- Chapter 16: Source Code Auditing: Finding Vulnerabilities in C-Based Languages
- Tools
- Automated Source Code Analysis Tools
- Methodology
- Vulnerability Classes
- Beyond Recognition: A Real Vulnerability versus a Bug
- Conclusion
- Chapter 17: Instrumented Investigation: A Manual Approach
- Philosophy
- Oracle extproc Overflow
- Common Architectural Failures
- Bypassing Input Validation and Attack Detection
- Windows 2000 SNMP DOS
- Finding DOS Attacks
- SQL-UDP
- Conclusion
- Chapter 18: Tracing for Vulnerabilities
- Overview
- Conclusion
- Chapter 19: Binary Auditing: Hacking Closed Source Software
- Binary versus Source-Code Auditing: The Obvious Differences
- IDA ProThe Tool of the Trade
- Binary Auditing Introduction
- Reconstructing Class Definitions
- Manual Binary Analysis
- Binary Vulnerability Examples
- Conclusion
- Part 4: Advanced Materials
- Chapter 20: Alternative Payload Strategies
- Modifying the Program
- The SQL Server 3-Byte Patch
- The MySQL 1-Bit Patch
- OpenSSH RSA Authentication Patch
- Other Runtime Patching Ideas
- Upload and Run (or Proglet Server)
- Syscall Proxies
- Problems with Syscall Proxies
- Conclusion
- Chapter 21: Writing Exploits that Work in the Wild
- Factors in Unreliability
- Countermeasures
- Conclusion
- Chapter 22: Attacking Database Software
- Network Layer Attacks
- Application Layer Attacks
- Running Operating System Commands
- Exploiting Overruns at the SQL Level
- Conclusion
- Chapter 23: Kernel Overflows
- Kernel Vulnerability Types
- 0day Kernel Vulnerabilities
- Solaris vfs_getvfssw() Loadable Kernel Module Traversal Vulnerability
- Conclusion
- Chapter 24: Exploiting Kernel Vulnerabilities
- The exec_ibcs2_coff_prep_zmagic() Vulnerability
- Solaris vfs_getvfssw() Loadable Kernel Module Path Traversal Exploit
- Conclusion
- Index
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Z
- List of Figures
- List of Tables
Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)
ISBN: N/A
EAN: 2147483647
EAN: 2147483647
Year: 2003
Pages: 198
Pages: 198
Authors: Neal Krawetz