- Exploiting Software: How to Break Code
- Table of Contents
- Copyright
- Praise for Exploiting Software
- Attack Patterns
- Foreword
- Preface
- What This Book Is About
- How to Use This Book
- But Isn't This Too Dangerous?
- Acknowledgments
- Greg's Acknowledgments
- Gary's Acknowledgments
- Bad Software Is Ubiquitous
- The Trinity of Trouble
- The Future of Software
- What Is Software Security?
- Conclusion
- Chapter 2. Attack Patterns
- A Taxonomy
- An Open-Systems View
- Tour of an Exploit
- Attack Patterns: Blueprints for Disaster
- An Example Exploit: Microsoft's Broken C++ Compiler
- Applying Attack Patterns
- Attack Pattern Boxes
- Conclusion
- Into the House of Logic
- Should Reverse Engineering Be Illegal?
- Reverse Engineering Tools and Concepts
- Approaches to Reverse Engineering
- Methods of the Reverser
- Writing Interactive Disassembler (IDA) Plugins
- Decompiling and Disassembling Software
- Decompilation in Practice: Reversing helpctr.exe
- Automatic, Bulk Auditing for Vulnerabilities
- Writing Your Own Cracking Tools
- Building a Basic Code Coverage Tool
- Conclusion
- Chapter 4. Exploiting Server Software
- The Trusted Input Problem
- The Privilege Escalation Problem
- Finding Injection Points
- Input Path Tracing
- Exploiting Trust through Configuration
- Specific Techniques and Attacks for Server Software
- Conclusion
- Chapter 5. Exploiting Client Software
- Client-side Programs as Attack Targets
- In-band Signals
- Cross-site Scripting (XSS)
- Client Scripts and Malicious Code
- Content-Based Attacks
- Conclusion
- Chapter 6. Crafting (Malicious) Input
- The Defender's Dilemma
- Intrusion Detection (Not)
- Partition Analysis
- Tracing Code
- Reversing Parser Code
- Misclassification
- Audit Poisoning
- Conclusion
- Chapter 7. Buffer Overflow
- Buffer Overflow 101
- Injection Vectors: Input Rides Again
- Buffer Overflows and Embedded Systems
- Database Buffer Overflows
- Buffer Overflows and Java?!
- Content-Based Buffer Overflow
- Audit Truncation and Filters with Buffer Overflow
- Causing Overflow with Environment Variables
- The Multiple Operation Problem
- Finding Potential Buffer Overflows
- Stack Overflow
- Arithmetic Errors in Memory Management
- Format String Vulnerabilities
- Heap Overflows
- Buffer Overflows and C++
- Payloads
- Payloads on RISC Architectures
- Multiplatform Payloads
- Prolog/Epilog Code to Protect Functions
- Conclusion
- Chapter 8. Rootkits
- Subversive Programs
- A Simple Windows XP Kernel Rootkit
- Call Hooking
- Trojan Executable Redirection
- Hiding Files and Directories
- Patching Binary Code
- The Hardware Virus
- Low-Level Disk Access
- Adding Network Support to a Driver
- Interrupts
- Key Logging
- Advanced Rootkit Topics
- Conclusion
- References
- Index
References
Aleph1. (1996) "Smashing the Stack for Fun and Profit." Phrack 49. November.
Anderson, J. P. (1973) Computer Security Technology Planning Study. Report no. ESD-TR-73-51. Bedford, MA: USAF Electronic Systems Division, Hanscom AFB; October.
Anderson, Ross. (2001) Security Engineering. New York: John Wiley & Sons.
Cheswick, William R., Steven M. Bellovin, and Aviel D. Rubin. (2003) Firewalls and Internet Security. 2nd ed. Boston, MA: Addison-Wesley.
Cowan, Crispin, Calton Pu, David Maier, Heather Hinton, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang. (1998) "Automatic Detection and Prevention of Buffer-Overflow Attacks." In: Proceedings of the 7th USENIX Security Symposium. San Antonio, TX: January. Also available at http://www.immunix.org/documentation.html.
Dekker, Edward N., and Joseph M. Newcomer. (1999) Developing Windows NT Device Drivers: A Programmer's Handbook. Boston, MA: Addison-Wesley.
Denning, Dorothy E. (1999) Information Warfare & Security. Reading, MA: Addison-Wesley.
Felten, Ed, Dirk Balfanz, Drew Dean, and Dan Wallach. (1997) "Web Spoofing: An Internet Con Game." In: Proceedings of the 20th NISSC. October. Baltimore, MD.
Gamma, Erich, Richard Helm, Ralph Johnson, and John M. Vlissides. (1995) Design Patterns: Elements of Reusable Object-Oriented Software. Reading, MA: Addison-Wesley.
Howard, Michael, and David LeBlanc. (2002) Writing Secure Code. Seattle: Microsoft Press.
Jones, Andy, Gerald L. Kovacich, and Perry G. Luzwick. (2002) Global Information Warfare: How Businesses, Governments, and Others Achieve Objectives and Attain Competitive Advantages. New York: Auerbach Publishing.
Kaner, Cem, and David L. Pels. (1998) Bad Software: What to Do When Software Fails. New York: John Wiley & Sons.
Krsul, Ivan. (1998) Software Vulnerability Analysis. PhD thesis, COAST TR 98-09. West Lafayette, IN, Department of Computer Sciences, Purdue University.
Landwehr, Carl E., A. R. Bull, J. P. McDermott, and W. S. Choi. (1993) A Taxonomy of Computer Program Security Flaws, with Examples. Naval Research Laboratory report no. NRL/FR/5542-93/9591. Washington, DC.
McClure, Stuart, Joel Scambray, and George Kurtz. (1999) Hacking Exposed: Network Security Secrets and Solutions. New York: Osborne.
McGraw, Gary, and Ed Felten. (1998) Securing Java: Getting Down to Business with Mobile Code. New York: John Wiley & Sons.
Mish, F. C., et al., eds. (1997) Merriam Webster's Collegiate Dictionary. 10th ed. Springfield, MA: Merriam–Webster, Inc., p. 1117.
Myhrvold, Nathan. (1995) "The Physicist." Wired Magazine. Issue 3(9). Available at www.wired.com/wired/archive/3.09/myhrvold.html?person=gordon_moore&topic_set=wiredpeople. September 1995. Accessed 1/6/03.
Neumann, Peter G. (1995) Computer-Related Risks. Reading, MA: Addison-Wesley.
Potter, Bruce, and Bob Fleck. (2003) 802.11 Security. Sebastopol, CA: O'Reilly and Associates.
Rubin, Aviel. (2001) The Whitehat Security Arsenal: Tackling the Threats. Boston, MA: Addison-Wesley.
Schmid, Matt, and Anup Ghosh. (1999) An Approach to Testing COTS Software for Robustness to Operating System Exceptions and Errors. Presented at the 1999 International Symposium on Software Reliability Engineering. Boca Raton, FL. November 1–4.
Schneier, Bruce. (2000) Secrets and Lies: Digital Security in a Networked World. New York: John Wiley & Sons.
Spitzner, Lance. (2003) Honeypots: Tracking Hackers. Boston, MA: Addison-Wesley.
Thompson, Ken. (1984) "Reflections on Trusting Trust." Communications of the ACM, 27(8).
Viega, John, and Gary McGraw. (2002) Building Secure Software: How to Avoid Security Problems the Right Way. Boston, MA: Addison-Wesley.
Voas, Jeff, and Gary McGraw. (1999) Software Fault Injection: Inoculation Software Against Errors. New York: John Wiley & Sons.
Whittaker, James A. (2002) How to Break Software: A Practical Guide to Testing. Boston, MA: Addison-Wesley.
Whittaker, James, and Herbert Thompson. (2003) How to Break Software Security. Boston, MA: Addison-Wesley.
Young, Adam, and Moti Yung. (1997) Deniable Password Snatching: On the Possibility of Evasive Electronic Espionage. In: Proceedings of the IEEE Symposium on Security and Privacy. Oakland, CA. pp. 224–235.
Zuse, Horst. (1991) Software Complexity: Measures and Methods (Programming Complex Systems, no. 4). Berlin: Walter de Gruyter.
Exploiting Software: How to Break Code
By Greg Hoglund, Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Software is loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you. Getting beyond the script kiddie treatment found in many hacking books, you will learn about
- Why software exploit will continue to be a serious problem
- When network security mechanisms do not work
- Attack patterns
- Reverse engineering
- Classic attacks against server software
- Surprising attacks against client software
- Techniques for crafting malicious input
- The technical details of buffer overflows
- Rootkits
Exploiting Software is filled with the tools, concepts, and knowledge necessary to break software.