Добавил:
Upload Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз: Предмет: Файл:
Exploiting Software - How to Break Code.pdf
Скачиваний:
107
Добавлен:
15.03.2015
Размер:
7.95 Mб
Скачать

Table of Contents

Index

Exploiting Software How to Break Code

ByGreg Hoglund,Gary McGraw

Publisher: Addison Wesley

Pub Date: February 17, 2004

ISBN: 0-201-78695-8

Pages: 512

How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.

Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.

This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about

Why software exploit will continue to be a serious problem

When network security mechanisms do not work

Attack patterns

Reverse engineering

Classic attacks against server software

Surprising attacks against client software

Techniques for crafting malicious input

The technical details of buffer overflows

Rootkits

Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break

software.

Table of Contents

Index

Exploiting Software How to Break Code

ByGreg Hoglund,Gary McGraw

Publisher: Addison Wesley

Pub Date: February 17, 2004

ISBN: 0-201-78695-8

Pages: 512

Copyright

How does software break? How do attackers make software break on purpose? Why are

Praise for Exploiting Software

firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?

Attack Patterns

What tools can be used to break software? This book provides the answers.

Foreword

Preface

Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniquesWhatusedThis Bookby IsbadAboutguys to break software. If you want to protect your software from attack, HowyoutomustUse ThisfirstBooklearn how real attacks are really carried out.

But Isn't This Too Dangerous?

This must-have book may shock you—and it will certainly educate you.Getting beyond the

Acknowledgments

script kiddie treatment found in many hacking books, you will learn about

Greg's Acknowledgments

Gary's Acknowledgments

WhyChaptersoftware1. Softwareexploit—The Rootwillofcontinuethe Problemto be a serious problem

A Brief History of Software

When network security mechanisms do not work

Bad Software Is Ubiquitous

The Trinity of Trouble

Attack patterns

The Future of Software

ReverseWhat Is SoftwareengineeringSecurity?

Conclusion

Classic attacks against server software

Chapter 2. Attack Patterns

A Taxonomy

Surprising attacks against client software

An Open-Systems View

TechniquesTour of an Exploitfor crafting malicious input

Attack Patterns: Blueprints for Disaster

The technical details of buffer overflows

An Example Exploit: Microsoft's Broken C++ Compiler

Applying Attack Patterns

Rootkits

Attack Pattern Boxes

ExploitingConclusionSoftwareis filled with the tools, concepts, and knowledge necessary to break

softwareChapter. 3. Reverse Engineering and Program Understanding Into the House of Logic

Should Reverse Engineering Be Illegal?

Reverse Engineering Tools and Concepts

Approaches to Reverse Engineering

Methods of the Reverser

Writing Interactive Disassembler (IDA) Plugins

Decompiling and Disassembling Software

Decompilation in Practice: Reversing helpctr.exe

Automatic, Bulk Auditing for Vulnerabilities

Writing Your Own Cracking Tools

Building a Basic Code Coverage Tool

Conclusion

Chapter 4. Exploiting Server Software

The Trusted Input Problem

Table of Contents

The Privilege Escalation Problem

Index

Finding Injection Points

Exploiting Software How to Break Code

Input Path Tracing

ByGreg Hoglund,Gary McGraw

Exploiting Trust through Configuration

Specific Techniques and Attacks for Server Software

Publisher: Addison Wesley

Conclusion

Pub Date: February 17, 2004

Chapter 5. Exploiting Client Software

ISBN: 0-201-78695-8

Client-side Programs as Attack Targets

Pages: 512

In-band Signals

Cross-site Scripting (XSS)

Client Scripts and Malicious Code

Content-Based Attacks

Backwash Attacks: Leveraging Client-side Buffer Overflows

How does software break? How do attackers make software break on purpose? Why are

Conclusion

firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What toolsChaptercan6. Craftingbe used(Malicious)to breakInputsoftware? This book provides the answers.

The Defender's Dilemma

Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and

Intrusion Detection (Not)

techniques used by bad guys to break software. If you want to protect your software from

Partition Analysis

attack, you must first learn how real attacks are really carried out.

Tracing Code

Reversing Parser Code

This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddieExample:treatmentReversing Ifound-Planet Serverin many6.0 throughhackingthebooks,Front Dooryou will learn about

Misclassification

Building "Equivalent" Requests

Why software exploit will continue to be a serious problem

Audit Poisoning

Conclusion

When network security mechanisms do not work

Chapter 7. Buffer Overflow

AttackBufferpatternsOverflow 101

Injection Vectors: Input Rides Again

Reverse engineering

Buffer Overflows and Embedded Systems

Database Buffer Overflows

Classic attacks against server software

Buffer Overflows and Java?!

SurprisingContent-BasedattacksBuffer againstOverflow client software

Audit Truncation and Filters with Buffer Overflow

Techniques for crafting malicious input

Causing Overflow with Environment Variables

The Multiple Operation Problem

The technical details of buffer overflows

Finding Potential Buffer Overflows

RootkitsStack Overflow

Arithmetic Errors in Memory Management

Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break

Format String Vulnerabilities

software.

Heap Overflows

Buffer Overflows and C++

Payloads

Payloads on RISC Architectures

Multiplatform Payloads

Prolog/Epilog Code to Protect Functions

Conclusion

Chapter 8. Rootkits

Subversive Programs

A Simple Windows XP Kernel Rootkit

Call Hooking

Trojan Executable Redirection

Hiding Files and Directories

Patching Binary Code

The Hardware Virus

Table of Contents

Low-Level Disk Access

Index

Adding Network Support to a Driver

Exploiting Software How to Break Code

Interrupts

ByGreg Hoglund,Gary McGraw

Key Logging

Advanced Rootkit Topics

Publisher: Addison Wesley

Conclusion

Pub Date: February 17, 2004

References

ISBN: 0-201-78695-8

Index

Pages: 512

How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.

Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.

This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about

Why software exploit will continue to be a serious problem

When network security mechanisms do not work

Attack patterns

Reverse engineering

Classic attacks against server software

Surprising attacks against client software

Techniques for crafting malicious input

The technical details of buffer overflows

Rootkits

Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break

software.