Forensic investigations of notorious Internet attacks, such as the SQL Slammer and Blaster Worms, reveal buffer overflows to be the sophisticated hacker’s “vulnerability of choice”. These worms crippled the Internet and cost billions of dollars to clean up. Now, even more powerful and insidious threats have appeared in the form of “custom exploits”. These one-time only exploits are custom crafted to attack your enterprise, making them even more difficult to detect and defend. No catchy names, no media coverage; just your own personal disaster.
James C. Foster’s Buffer Overflow Attacks clearly demonstrates that the only way to defend against the endless variety of buffer overflow attacks is to implement a comprehensive design, coding and test plan for all of your applications. From Dave Aitel’s Foreword through the last appendix, this is the only book dedicated exclusively to detecting, exploiting, and preventing buffer overflow attacks.
Edición: Syngress (2005)
Idioma: Inglés
Formato: PDF
Contenido:
- Buffer Overflows: The Essentials
- Understanding Shellcode
- Writing Shellcode
- Win32 Assembly
- Case Study: FreeBSD NN Exploit Code
- Case Study: xlockmore User Supplied Format String Vulnerability
- Case Study: FrontPage Denial of Service Utilizing WinSock
- Case Study: cURL buffer overflow on FreeBSD
- Stack Overflows
- Heap Corruption
- Format String Attacks
- Windows Buffer Overflows
- Case Study: cURL buffer overflow on Linux
- Case Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability
- Case Study: X11R6 4.2 XLOCALEDIR Overflow
- Case Study: Microsoft MDAC Denial of Service
- Case Study: Local UUX Buffer Overflow on HPUX
- Finding Buffer Overflows in Source
- Case Study: InlineEgg I
- Case Study: InlineEgg II
- Case Study: Seti@Home Exploit Code
- Case Study: Microsoft CodeBlue Exploit Code
- Appendix A: The Complete Data Conversion Table
- Appendix B: Useful Syscalls
Descarga/Download
No hay comentarios:
Publicar un comentario