Exploiting Software: How to Break Code
By Greg Hoglund, Gary McGraw

Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512

How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.

Exploiting Software is loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.

This must-have book may shock you—and it will certainly educate you. Getting beyond the script kiddie treatment found in many hacking books, you will learn about:

  Why software exploit will continue to be a serious problem
  When network security mechanisms do not work
  Attack patterns
  Reverse engineering
  Classic attacks against server software
  Surprising attacks against client software
  Techniques for crafting malicious input
  The technical details of buffer overflows
  Rootkits

Exploiting Software is filled with the tools, concepts, and knowledge necessary to break software.

Table of Contents

Copyright
Praise for Exploiting Software
Attack Patterns
Foreword
Preface
  What This Book Is About
  How to Use This Book
  But Isn't This Too Dangerous?
Acknowledgments
  Greg's Acknowledgments
  Gary's Acknowledgments
Chapter 1. Software—The Root of the Problem
  A Brief History of Software
  Bad Software Is Ubiquitous
  The Trinity of Trouble
  The Future of Software
  What Is Software Security?
  Conclusion
Chapter 2. Attack Patterns
  A Taxonomy
  An Open-Systems View
  Tour of an Exploit
  Attack Patterns: Blueprints for Disaster
  An Example Exploit: Microsoft's Broken C++ Compiler
  Applying Attack Patterns
  Attack Pattern Boxes
  Conclusion
Chapter 3. Reverse Engineering and Program Understanding
  Into the House of Logic
  Should Reverse Engineering Be Illegal?
  Reverse Engineering Tools and Concepts
  Approaches to Reverse Engineering
  Methods of the Reverser
  Writing Interactive Disassembler (IDA) Plugins
  Decompiling and Disassembling Software
  Decompilation in Practice: Reversing helpctr.exe
  Automatic, Bulk Auditing for Vulnerabilities
  Writing Your Own Cracking Tools
  Building a Basic Code Coverage Tool
  Conclusion
Chapter 4. Exploiting Server Software
  The Trusted Input Problem
  The Privilege Escalation Problem
  Finding Injection Points
  Input Path Tracing
  Exploiting Trust through Configuration
  Specific Techniques and Attacks for Server Software
  Conclusion
Chapter 5. Exploiting Client Software
  Client-side Programs as Attack Targets
  In-band Signals
  Cross-site Scripting (XSS)
  Client Scripts and Malicious Code
  Content-Based Attacks
  Backwash Attacks: Leveraging Client-side Buffer Overflows
  Conclusion
Chapter 6. Crafting (Malicious) Input
  The Defender's Dilemma
  Intrusion Detection (Not)
  Partition Analysis
  Tracing Code
  Reversing Parser Code
  Example: Reversing I-Planet Server 6.0 through the Front Door
  Misclassification
  Building "Equivalent" Requests
  Audit Poisoning
  Conclusion
Chapter 7. Buffer Overflow
  Buffer Overflow 101
  Injection Vectors: Input Rides Again
  Buffer Overflows and Embedded Systems
  Database Buffer Overflows
  Buffer Overflows and Java?!
  Content-Based Buffer Overflow
  Audit Truncation and Filters with Buffer Overflow
  Causing Overflow with Environment Variables
  The Multiple Operation Problem
  Finding Potential Buffer Overflows
  Stack Overflow
  Arithmetic Errors in Memory Management
  Format String Vulnerabilities
  Heap Overflows
  Buffer Overflows and C++
  Payloads
  Payloads on RISC Architectures
  Multiplatform Payloads
  Prolog/Epilog Code to Protect Functions
  Conclusion
Chapter 8. Rootkits
  Subversive Programs
  A Simple Windows XP Kernel Rootkit
  Call Hooking
  Trojan Executable Redirection
  Hiding Files and Directories
  Patching Binary Code
  The Hardware Virus
  Low-Level Disk Access
  Adding Network Support to a Driver
  Interrupts
  Key Logging
  Advanced Rootkit Topics
  Conclusion
References
Index

Copyright

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and Addison-Wesley was aware of a trademark claim, the designations have been printed in initial capital letters or in all capitals.

The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein.

The publisher offers discounts on this book when ordered in quantity for bulk purchases and special sales. For more information, please contact:

U.S. Corporate and Government Sales
(800) 382-3419
corpsales@pearsontechgroup.com

For sales outside of the U.S., please contact:

International Sales
(317) 581-3793
international@pearsontechgroup.com

Visit Addison-Wesley on the Web: www.awprofessional.com

Library of Congress Cataloging-in-Publication Data

Hoglund, Greg
Exploiting software : how to break code / Greg Hoglund, Gary McGraw
p. cm.
ISBN 0-201-78695-8 (pbk. : alk. paper)
Computer security. Computer software—Testing. Computer hackers. I. McGraw, Gary, 1966– II. Title
QA76.9.A25H635 2004
005.8—dc22 2003025556

Copyright © 2004 by Pearson Education, Inc.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior consent of the publisher. Printed in the United States of America. Published simultaneously in Canada.

Dr. McGraw's work is partially supported by DARPA contract no. F30602-99-C-0172 (An Investigation of Extensible System Security for Highly Resource-Constrained Wireless Devices) and AFRL Wright-Patterson grant no. F33615-02-C-1295 (Protection Against Reverse Engineering: State of the Art in Disassembly and Decompilation). The views and conclusions contained in this book are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of DARPA, the US Air Force, or the US government.

For information on obtaining permission for use of material from this work, please submit a written request to:

Pearson Education, Inc.
Rights and Contracts Department
75 Arlington Street, Suite 300
Boston, MA 02116
Fax: (617) 848-7047

Text printed on recycled paper

10—CRS—0807060504

First printing, February 2004

Dedication

In memory of Nancy Simone McGraw (1939–2003)

Bye, Mom.

Praise for Exploiting Software

"Exploiting Software highlights the most critical part of the software quality problem. As it turns out, software quality problems are a major contributing factor to computer security problems. Increasingly, companies large and small depend on software to run their businesses every day. The current approach to software quality and security taken by software companies, system integrators, and internal development organizations is like driving a car on a rainy day with worn-out tires and no air bags. In both cases, the odds are that something bad is going to happen, and there is no protection for the occupant/owner.

This book will help the reader understand how to make software quality part of the design—a key change from where we are today!"

—Tony Scott
Chief Technology Officer, IS&S
General Motors Corporation

"It's about time someone wrote a book to teach the good guys what the bad guys already know. As the computer security industry matures, books like Exploiting Software have a critical role to play."

—Bruce Schneier
Chief Technology Officer
Counterpane
Author of Beyond Fear and Secrets and Lies

"Exploiting Software cuts to the heart of the computer security problem, showing why broken software presents a clear and present danger. Getting past the 'worm of the day' phenomenon requires that someone other than the bad guys understands how software is attacked.

This book is a wake-up call for computer security."

—Elinor Mills Abreu
Reuters' correspondent

"Police investigators study how criminals think and act. Military strategists learn about the enemy's tactics, as well as their weapons and personnel capabilities. Similarly, information security professionals need to study their criminals and enemies, so we can tell the difference between popguns and weapons of mass destruction. This book is a significant advance in helping the 'white hats' understand how the 'black hats' operate.

Through extensive examples and 'attack patterns,' this book helps the reader understand how attackers analyze software and use the results of the analysis to attack systems. Hoglund and McGraw explain not only how hackers attack servers, but also how malicious server operators can attack clients (and how each can protect themselves from the other). An excellent book for practicing security engineers, and an ideal book for an undergraduate class in software security."

—Jeremy Epstein
Director, Product Security & Performance
webMethods, Inc.

"A provocative and revealing book from two leading security experts and world class software exploiters, Exploiting Software enters the mind of the cleverest and wickedest crackers and shows you how they think. It illustrates general principles for breaking software, and provides you a whirlwind tour of techniques for finding and exploiting software vulnerabilities, along with detailed examples from real software exploits.

Exploiting Software is essential reading for anyone responsible for placing software in a hostile environment—that is, everyone who writes or installs programs that run on the Internet."

—Dave Evans, Ph.D.
Associate Professor of Computer Science
University of Virginia

"The root cause for most of today's Internet hacker exploits and malicious software outbreaks are buggy software and faulty security software deployment. In Exploiting Software, Greg Hoglund and Gary McGraw help us in an interesting and provocative way to better defend ourselves against malicious hacker attacks on those software loopholes.

The information in this book is an essential reference that needs to be understood, digested, and aggressively addressed by IT and information security professionals everywhere."

—Ken Cutler, CISSP, CISA
Vice President, Curriculum Development & Professional Services,
MIS Training Institute

"This book describes the threats to software in concrete, understandable, and frightening detail. It also discusses how to find these problems before the bad folks do. A valuable addition to every programmer's and security person's library!"

—Matt Bishop, Ph.D.
Professor of Computer Science
University of California at Davis
Author of Computer Security: Art and Science

"Whether we slept through software engineering classes or paid attention, those of us who build things remain responsible for achieving meaningful and measurable vulnerability reductions. If you can't afford to stop all software manufacturing to teach your engineers how to build secure software from the ground up, you should at least increase awareness in your organization by demanding that they read Exploiting Software. This book clearly demonstrates what happens to broken software in the wild."

—Ron Moritz, CISSP
Senior Vice President, Chief Security Strategist
Computer Associates

"Exploiting Software is the most up-to-date technical treatment of software security I have seen. If you worry about software and application vulnerability, Exploiting Software is a must-read. This book gets at all the timely and important issues surrounding software security in a technical, but still highly readable and engaging, way.

Hoglund and McGraw have done an excellent job of picking out the major ideas in software exploit and nicely organizing them to make sense of the software security jungle."

—George Cybenko, Ph.D.
Dorothy and Walter Gramm Professor of Engineering, Dartmouth
Founding Editor-in-Chief, IEEE Security and Privacy

"This is a seductive book. It starts with a simple story, telling about hacks and cracks. It draws you in with anecdotes, but builds from there. In a few chapters you find yourself deep in the intimate details of software security. It is the rare technical book that is a readable and enjoyable primer but has the substance to remain on your shelf as a reference. Wonderful stuff."

—Craig Miller, Ph.D.
Chief Technology Officer for North America
Dimension Data

"It's hard to protect yourself if you don't know what you're up against. This book has the details you need to know about how attackers find software holes and exploit them—details that will help you secure your own systems."

—Ed Felten, Ph.D.
Professor of Computer Science
Princeton University

Attack Patterns

Attack Pattern: Make the Client Invisible
Attack Pattern: Target Programs That Write to Privileged OS Resources
Attack Pattern: Use a User-Supplied Configuration File to Run Commands That Elevate Privilege
Attack Pattern: Make Use of Configuration File Search Paths
Attack Pattern: Direct Access to Executable Files
Attack Pattern: Embedding Scripts within Scripts
Attack Pattern: Leverage Executable Code in Nonexecutable Files
Attack Pattern: Argument Injection
Attack Pattern: Command Delimiters
Attack Pattern: Multiple Parsers and Double Escapes
Attack Pattern: User-Supplied Variable Passed to File System Calls
Attack Pattern: Postfix NULL Terminator
Attack Pattern: Postfix, Null Terminate, and Backslash
Attack Pattern: Relative Path Traversal
Attack Pattern: Client-Controlled Environment Variables
Attack Pattern: User-Supplied Global Variables (DEBUG=1, PHP Globals, and So Forth)
Attack Pattern: Session ID, Resource ID, and Blind Trust
Attack Pattern: Analog In-Band Switching Signals (aka "Blue Boxing")
Attack Pattern Fragment: Manipulating Terminal Devices
Attack Pattern: Simple Script Injection
Attack Pattern: Embedding Script in Nonscript Elements
Attack Pattern: XSS in HTTP Headers
Attack Pattern: HTTP Query Strings
Attack Pattern: User-Controlled Filename
Attack Pattern: Passing Local Filenames to Functions That Expect a URL
Attack Pattern: Meta-characters in E-mail Header
Attack Pattern: File System Function Injection, Content Based
Attack Pattern: Client-side Injection, Buffer Overflow
Attack Pattern: Cause Web Server Misclassification
Attack Pattern: Alternate Encoding the Leading Ghost Characters
Attack Pattern: Using Slashes in Alternate Encoding
Attack Pattern: Using Escaped Slashes in Alternate Encoding
Attack Pattern: Unicode Encoding
Attack Pattern: UTF-8 Encoding
Attack Pattern: URL Encoding
Attack Pattern: Alternative IP Addresses
Attack Pattern: Slashes and URL Encoding Combined
Attack Pattern: Web Logs
Attack Pattern: Overflow Binary Resource File
Attack Pattern: Overflow Variables and Tags
Attack Pattern: Overflow Symbolic Links
Attack Pattern: MIME Conversion
Attack Pattern: HTTP Cookies
Attack Pattern: Filter Failure through Buffer Overflow
Attack Pattern: Buffer Overflow with Environment Variables
Attack Pattern: Buffer Overflow in an API Call
Attack Pattern: Buffer Overflow in Local Command-Line Utilities
Attack Pattern: Parameter Expansion
Attack Pattern: String Format Overflow in syslog()

Index

Race conditions
  detecting
  in geographically distributed systems
Radar systems
  embedded systems in
  flash ROM in
Raw packet interfaces, Java support for
Reactive subscription services, IDSs as
Reactive technologies
read function
Reading
  enabling, for EEPROM
  from untrusted sources
  hardware memory
  master boot record
  memory in reverse engineering
ReadProcessMemory function
ReadRegistry function
Real-time clock interrupt
Rebooting for removing observable effects
REC program
Recovery systems
Red pointing
Redirection
  directory
  executing
  server-side page references
  Trojan executables
  with CWD
Reference monitors
Reflection
  against trusted sites
  with in-band signals
Registering
  drivers
  unload routines
Registers
  examining
  for boron tags
  in buffer overflow
  in MIPS
  in SPARC
Registry keys
  as attack targets
  controllable
regmon tool
Regular expressions
Relative path injection
Relative path traversal
Release guards
Remote attacks
Remote procedure calls (RPCs)
Remote xterms with server software
Removing observable effects
  process records
Ren, Chris
Replies, injection with
report_out.txt file
require function
ResetPC function
Resource files, executable code in
Resource IDs
ret instruction
Return addresses
  for injection vectors
  in buffer overflow attacks
Reverse compilers [See Source code; Decompilers]
Reverse engineering
  access requirement audits in
  API resources for
  automatic bulk auditing in
  black box analysis for
  breakpoints for
  code coverage for
  cracking tools for
  debuggers for
  decompiling in
  development of
  disassembling in
  fault injection in
  graphing for
  gray box analysis for
  I-Planet Server
  IDA plugins for
  input tracing for
  kernel access in
  leaking buffer data in
  legality of
  multithreading programs
  patching in
  process snapshots in
  purpose of
  reading and writing memory in
  red pointing in
  single stepping in
  version differences for
  white box analysis for
RevertToSelf function
RISC architectures, payloads on [See Payloads]
Risk and risk assessment
  actual
  defined
  for vulnerabilities
  in open-systems
ROM
Root access, need for
Rootkits
  advanced topics
  call hooking for
  detecting
  for hardware viruses [See Hardware viruses]
  for hiding files and directories
  for interrupts
  for low-level disk access
  hiding
  key logging
  network support for drivers
  patching binary code
  Trojan executable redirection
Routers
  black box analysis for
  buffer overflow in
RPCs (remote procedure calls)
run function
Running processes, attaching to
Runouts in code tracing
Runtime memory addresses, mapping
Runtime tracing

sample_callback function
Satellites, exploitation of
save instruction
SCADA software weaknesses
Scancodes
scanf function
Scheduling processes
Scientific method in reverse engineering
Script kiddies
Scripting.FileSystemObject
Scriptlet.TypeLib
Scripts
    buffer overflows from
    cross-site [See XSS (cross-site scripting)]
    embedding
        in nonscript elements
        in scripts
    misclassification with
    with client software
scrrun.dll file
Scrubbing problem in Ethernet
SeAccessCheck function
Search paths in configuration files
seccinit.c file
seccook.c file
secfail.c file
Second serial port interrupt
Secondary IDE channel interrupt
Secret variables
Secrets and Lies (Schneier)
Securing Java (McGraw and Felten)
Security
    boron tags for
    buffer overflows for
    in network-based software
    on Internet
    software vs application
    through obscurity
Security Engineering (Anderson)
Security error handlers
Security flaws, reverse engineering for
Security testing
Segmented GET requests
Self-decrypting payloads
Self-organizing systems
SendKeyboardCommand function
Sendmail, overflow in
Serial EEPROM
Serial port interrupts
Server control of client software
Server software
    adding users
    authentication in
    blind trust in
    configure trust in
    environment variables in
    error code checking in
    exploring file systems
    FTP
    injection points in
    input path tracing in
    permissions inheritance in
    phase space analysis in
    privilege escalation problem in
    process spawning in
    remote xterms with
    scheduling processes on
    session IDs in
    shell command injection in [See Shell command injection]
    TFTP
    trusted input problem in
    with local sockets
Server-side page reference redirects
Service outages from worms
ServiceName value
Session authentication
Session IDs
    cookies for
    in server software
SetBreakpoint function
SetEIP function
SetLEDS function
SetSingleStep function
setsnap function
SetSystemInformation function
setuid utility
sfc.dll file
sfcfiles.dll file
Shared buffers, leaking data in
Shell code in embedded systems
Shell command injection
    delimiters in
    fluttering windows from
    for binary file building
    for text file building
    through arguments from other programs
Short-term future of software
Signature-based IDSs
Signed/unsigned mismatches
Simple script injection, XSS in
Single stepping
    in reverse engineering
    in runtime tracing
Single-step flag
Size
    buffer
    payload
Slashes (/) in alternate encoding
Sliding registers in SPARC
slti instruction
Smart objects
SmartBits tool
Smashing the stack
Snapshots, process
Sniffers
    for IDSs
    for OS stack identification
Social engineering in C5 attacks
Sockets, server software with
SoftIce debugger
Software
    bad
    defined
    essential
    future of
    vulnerabilities
Software copy protection limitations
Software distribution, future of
Software Fault Injection (Voas and McGraw)
Software licensing, ASP model of
Software security vs application security
Software testing, difficulties in
Solaris systems
    buffer overflow in
    target models for
Sound card interrupt
Source code
    decompilers for
    in white box analysis
    vs executable
SOURCES file
SourceScope tool
    for buffer overflow attacks
    for white box analysis
Space characters in equivalent requests
SPARC systems
    function call nesting in
    payload construction in
    register windows in
    stacks on
Special characters in parsing
Special-purpose computational units
Special-purpose OSs
Spike tool
Spoofing
SpoonFTP, triple-dot vulnerability in
Spreadsheets, XSS in
sprintf function
Spying
SQL Server 7, gray box analysis for
SQL statements, buffer overflows from
Stack traces for helpctr.exe
Stacked applications, conceptual view of
StackGuard tool
Stacks and stack overflow
    attack patterns
    exception handler frames overwriting in
    fixed-size buffers in
    in buffer overflow
    in C++
    injection vectors for
    NULL termination in
    on PA-RISC
    on SPARC
StackShield tool
Statement sets, hostile
States
    in buffer overflow
    in open-ended systems
    in software
    mapping
Static analysis tools for buffer overflow attacks [See also SourceScope]
Static strings in buffer overflow
Statistical windows in anomaly-based IDSs
Stealth activities
Steganography
stepi command
Storage files, hiding
Stored procedures
    buffer overflows from
    in Oracle 9i
strcat function
strcpy function
    buffer overflow from
    in reverse engineering
Stress testing
String functions in buffer overflow attacks
strlen function
strncat function
strncpy function
Subopcodes
Subscription services
Subversive programs
    classification of
    defined
SWIFT network
Switches, black box analysis for
Symbolic Links, overflow in
Synchronization of packets
syscall function
syslog function
System calls
    for reverse engineering
    hooking
    user-supplied variables passed to
System directories as attack targets
System file protection, disabling
system function
    buffer overflows from
    in Prolog/Epilog
    in shell command injection
    Perl calls to
System timer interrupt
SystemLoadAndCallImage function
Systems
    privileges for
    software as

T-SQL (transact SQL) protocol
Tags
    boron [See Boron tags]
    overflow in
Taint mode in Perl
takesnap function
Tankers, embedded systems in
Target components in attack patterns
Target software
TARGETPATH environment variable
Taxonomy of attack patterns
Taylor UUCP daemon
TCP/IP
    packet defragmentation in
    ports as entry points
Technology adoption rates
TELNET environment variables
Temporary files
TERM environment variable
term function
Terminals
    character injection in
    escape codes for
Testing methodologies, fault injection for
Text files, shell command injection for
TFTP (Tiny FTP)
The PIT tool
Thousand lines of code (KLOC) in bug rates
Threads, enumerating
Three-dimensional phase space plot of points
Time to market pressures
timerDPC function
Timing attacks, detecting
Timing issues
    in EEPROM
    in geographically distributed systems
Tiny FTP (TFTP)
Titan application firewall
traceroute tool
Tracing code [See Code tracing]
Trade secrets
Tradecraft, digital
Trampoline attack
Transact SQL (T-SQL) protocol
Transaction-based systems
Transport-level security
TRAP FLAG
Traversal, file system
Trigger filters
Trillian chat client
Triple-dot vulnerability
Tripwire, redirection with
Trojan executable redirection
    drivers for
    with Tripwire
Trunk lines, controlling
Truss tool
Trust issues
    design-level
    in buffer overflows
    in Java
    in server software
    input-based
    with users
Trusted sites, reflection against
Turing machines
Two-stage buffer overflow attacks [See also Trampoline attack]
Type confusion attacks in Java
Type safe languages
TypeLib, attacks on

Undisclosed exploits
Unicode encoding in equivalent requests
Uniform Computer Information Transactions Act (UCITA)
Uniform resource identifier (URI) data, locating routines for
Uniform resource locators (URLs)
    in equivalent requests
    passing local filenames in place of
    trust assumptions in
Universal Turing machines
UNIX environment variables
UNIX-to-UNIX copy program (UUCP)
Unloadable drivers
Unsafe languages
Unsigned/signed mismatches
Untrusted sources, reading from
URI (uniform resource identifier) data, locating routines for
URLs (uniform resource locators)
    in equivalent requests
    passing local filenames in place of
    trust assumptions in
US Vicennes software failures
User interfaces for server software
User-controlled filenames, XSS in
User-mode debuggers
User-supplied configuration files for elevated privilege
User-supplied variables, passed to file system calls
Users, adding
UTF-8 encoding
UUCP (UNIX-to-UNIX copy program)

Valgrind debugger
Variables
    in buffer overflow attacks
    in PHP
    in server software
    user-supplied
Version differences for reverse engineering
Vessel Traffic Management Information System (VTMIS)
Virtual machines (VMs)
    buffer overflows in
    encapsulation of
    extensibility of
VirtualQueryEx function
    breakpoints for
    for memory querying
Virus checkers as reactive technology
Viruses
    development of
    hardware [See Hardware viruses]
    in client scripts
    poison pills for
Visibility of faults
Vitek, Ian
von Bertalanffy, Ludwig
Voyager spacecraft
vsprintf function
VT terminal escape codes
Vtables
VTMIS (Vessel Traffic Management Information System)
Vulnerabilities
    backtracing from
    collections of
    defined
    design-level
    increases in
    risk assessment for
VxWorks OS
    flash ROM in
    in embedded systems

WaitForKeyboard function
wcsncat function
    in helpctr.exe
    in WINNT
WDASM disassembler
Weak local calls, finding
Web browsers and ActiveX
Web code and XML
Web logs
Web servers
    command-line parameters with
    ghost characters with
    misclassification of
Web spoofing
Webalizer program
WEP (wired equivalent privacy) encryption algorithm
White box analysis
    vs black box analysis
White lists for input
    vs black lists
White space in equivalent requests
Whitehat Security Arsenal (Rubin)
Whittaker, James
Winamp program
Windows operating systems
    disabling system file protection for
    heap headers in
    kernel patching in
    key loggers in
    lines of code in
    message pumps in
    wcsncat function in
Wired equivalent privacy (WEP) encryption algorithm
Wireless systems
    future of
    hiding attacker identity in
Worms
    operation of
    service outages from
write_eeprom function
WriteProcessMemory function
Writing
    enabling, EEPROM for
    hardware memory
    kernel rootkits
    master boot record
    memory in reverse engineering
    to physical memory
    to privileged resources
Writing Secure Code (Howard and LeBlanc)
WSARecv function
    backtracing to
    in partition analysis
    in reverse engineering
WSASend function
Wscript.network, attacks on
WScript.Shell, attacks on
wsprintf function

x command
X Windows, backdoors on
x86 debuggers
x86 feature set
XML markup language
XOR protection
XSS (cross-site scripting)
    in HTTP headers
    in HTTP query strings
    in Javascript alert dialog attacks
    in reflection against trusted sites
    in simple script injection
    in user-controlled filenames
xterms with server software
Xtlib, buffer overflow in

Zone transfers
ZwCreateProcess function
ZwCreateSection function
ZwOpenFile function

[...]... directly toward software security as opposed to network security. As security professionals come to grips with the software security problem, they need to understand how software systems break.

Solutions to each of the problems discussed in Exploiting Software...

... real-world software exploits, explaining how and why they work, the attack patterns they are based on, and in some cases how they were discovered. Along the way, this book also shows how to uncover new software vulnerabilities and how to use them to break machines.

Chapter 1 describes why software is the root of the computer security problem. We introduce...

... against software

Satellites have been exploited and will continue to be exploited.

According to... marines were killed

Figure 1-2. The MV-22 Osprey in flight. Sophisticated control software has life-critical impact. Official U.S. Navy photo by Photographer's Mate 1st Class Peter Cline.

... Client Software
    Client-side Programs as Attack Targets
    In-band Signals
    Cross-site Scripting (XSS)
    Client Scripts and Malicious Code
    Content-Based Attacks
    Backwash...

[1] Of course, most exploits are designed to break off-the-shelf software running on off-the-shelf computers used by everyday business people.

There are...

... supported by DARPA contract no. F30602-99-C-0172 (An Investigation of Extensible System Security for Highly Resource-Constrained Wireless Devices) and AFRL Wright-Patterson grant