Flylib.com
Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)
Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)
ISBN: N/A
EAN: 2147483647
Year: 2003
Pages: 198
Authors:
Neal Krawetz
BUY ON AMAZON
The Shellcoder s Handbook: Discovering and Exploiting Security
Back Cover
About
Part 1: Introduction to Exploitation: Linux on x86
Chapter 1: Before You Begin
Basic Concepts
Recognizing C Code Constructs in Assembly
Conclusion
Chapter 2: Stack Overflows
Buffers
The Stack
Overflowing Buffers on the Stack
Using an Exploit to Get Root Privileges
Defeating a Non-Executable Stack
Conclusion
Chapter 3: Shellcode
Understanding System Calls
Writing Shellcode for the exit() Syscall
Injectable Shellcode
Spawning a Shell
Conclusion
Chapter 4: Introduction to Format String Bugs
Prerequisites
What Is a Format String?
What Is a Format String Bug?
Format String Exploits
Controlling Execution for Exploitation
Why Did This Happen?
Format String Technique Roundup
Conclusion
Chapter 5: Introduction to Heap Overflows
What Is a Heap?
Finding Heap Overflows
Conclusion
Part 2: Exploiting More Platforms: Windows, Solaris, and Tru64
Chapter 6: The Wild World of Windows
How Does Windows Differ from Linux?
Heaps
The Genius and Idiocy of the Distributed Common Object Model and DCE-RPC
Debugging Windows
Conclusion
Chapter 7: Windows Shellcode
Setting Up
Parsing the PEB
Searching with Windows Exception Handling
Popping a Shell
Conclusion
Chapter 8: Windows Overflows
Stack-Based Buffer Overflows
Stack Protection and Windows 2003 Server
Heap-Based Buffer Overflows
Exploiting Heap-Based Overflows
Other Overflows
Exploiting Buffer Overflows and Non-Executable Stacks
Conclusion
Chapter 9: Overcoming Filters
Writing Exploits for Use with an Alphanumeric Filter
Writing Exploits for Use with a Unicode Filter
Exploiting Unicode-Based Vulnerabilities
The Venetian Method
Decoder and Decoding
Conclusion
Chapter 10: Introduction to Solaris Exploitation
Introduction to the SPARC Architecture
SolarisSPARC Shellcode Basics
SolarisSPARC Stack Frame Introduction
Stack-Based Overflow Methodologies
Stack Overflow Exploitation In Action
Heap-Based Overflows on SolarisSPARC
Basic Exploit Methodology (t_delete)
Other Heap-Related Vulnerabilities
Heap Overflow Example
Other Solaris Exploitation Techniques
Conclusion
Chapter 11: Advanced Solaris Exploitation
Single Stepping the Dynamic Linker
Various Style Tricks for Solaris SPARC Heap Overflows
Advanced SolarisSPARC Shellcode
Conclusion
Chapter 12: HP Tru64 Unix Exploitation
The Alpha Architecture
Retrieving the Program Counter (GetPC)
System Call Invocation
XOR Decoder for Shellcode
.end main setuid execve Shellcode
Connect-Back Shellcode
Find-Socket Shellcode
Bind-Socket Shellcode
Stack Overflow Exploitation
Exploiting rpc.ttdbserver
Conclusion
Part 3: Vulnerability Discovery
Chapter 13: Establishing a Working Environment
Conclusion
What You Need for Reference
What You Need for Code
What You Need for Investigation
What You Need to Know
Optimizing Shellcode Development
Chapter 14: Fault Injection
Design Overview
Fault Monitoring
Putting It Together
Conclusion
Chapter 15: The Art of Fuzzing
General Theory of Fuzzing
Weaknesses in Fuzzers
Modeling Arbitrary Network Protocols
Other Fuzzer Possibilities
SPIKE
Other Fuzzers
Conclusion
Chapter 16: Source Code Auditing: Finding Vulnerabilities in C-Based Languages
Tools
Automated Source Code Analysis Tools
Methodology
Vulnerability Classes
Beyond Recognition: A Real Vulnerability versus a Bug
Conclusion
Chapter 17: Instrumented Investigation: A Manual Approach
Philosophy
Oracle extproc Overflow
Common Architectural Failures
Bypassing Input Validation and Attack Detection
Windows 2000 SNMP DOS
Finding DOS Attacks
SQL-UDP
Conclusion
Chapter 18: Tracing for Vulnerabilities
Overview
Conclusion
Chapter 19: Binary Auditing: Hacking Closed Source Software
Binary versus Source-Code Auditing: The Obvious Differences
IDA ProThe Tool of the Trade
Binary Auditing Introduction
Reconstructing Class Definitions
Manual Binary Analysis
Binary Vulnerability Examples
Conclusion
Part 4: Advanced Materials
Chapter 20: Alternative Payload Strategies
Modifying the Program
The SQL Server 3-Byte Patch
The MySQL 1-Bit Patch
OpenSSH RSA Authentication Patch
Other Runtime Patching Ideas
Upload and Run (or Proglet Server)
Syscall Proxies
Problems with Syscall Proxies
Conclusion
Chapter 21: Writing Exploits that Work in the Wild
Factors in Unreliability
Countermeasures
Conclusion
Chapter 22: Attacking Database Software
Network Layer Attacks
Application Layer Attacks
Running Operating System Commands
Exploiting Overruns at the SQL Level
Conclusion
Chapter 23: Kernel Overflows
Kernel Vulnerability Types
0day Kernel Vulnerabilities
Solaris vfs_getvfssw() Loadable Kernel Module Traversal Vulnerability
Conclusion
Chapter 24: Exploiting Kernel Vulnerabilities
The exec_ibcs2_coff_prep_zmagic() Vulnerability
Solaris vfs_getvfssw() Loadable Kernel Module Path Traversal Exploit
Conclusion
Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
List of Figures
List of Tables
Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)
ISBN: N/A
EAN: 2147483647
Year: 2003
Pages: 198
Authors:
Neal Krawetz
BUY ON AMAZON
CISSP Exam Cram 2
Building Defense in Depth
Implementation
Access-Control Systems and Methodology
Exam Prep Questions
Asymmetric Encryption
Building Web Applications with UML (2nd Edition)
Modeling Secure Systems
The Process
HTML Frames
Summary
Master Template Pattern
Managing Enterprise Systems with the Windows Script Host
Input/Output Streams
Regular Expressions
Application Automation
Internet Applications
Security
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
Address Resolution Protocol (ARP)
Internet Protocol (IP) Addressing
Dynamic Host Configuration Protocol (DHCP) Server Service
RADIUS and Internet Authentication Service
Virtual Private Networks (VPNs)
Introduction to 80x86 Assembly Language and Computer Architecture
Representing Data in a Computer
Elements of Assembly Language
String Operations
Floating-Point Arithmetic
Input/Output
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
Uses for Job Schedulers in NonEnterprise
Building Quartz from Source
Configuring Datasources for JobStoreCMT
Registering Your Plug-Ins
Appendix A. Quartz Configuration Reference
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies