Every day, someone discovers a critical new security flaw in software you depend on. Quite often, those flaws appear first on Bugtraq, the world’s No. 1 vulnerability tracking maillist. Now, some of Bugtraq’s leading contributors show you exactly how they discover those holes -- and how to exploit them. Along the way, they reveal some never-before-published bugs -- including holes they claim are big enough to “take down the Internet.”
The authors cover platforms ranging from Windows to Solaris. They start with Linux on x86, where it’s easiest to understand the hacks because you can get inside the source code. Here, they introduce memory management and stack buffer overflows, format string overflows, and heap-based overflows. They also introduce basic shellcoding: how to write instructions that directly manipulate registers and a program’s functions. This can’t be done with high-level languages: We’re talking hexadecimal opcodes.
Next, the authors move on to Windows. Here, until recently, shellcoding was a true black art. Win32 doesn’t provide direct access to system calls, so more complex techniques are required. (As an example, the authors show how to bypass the vaunted stack protection Microsoft added to Windows 2003 Server.)
The authors then turn to the tools and techniques of vulnerability discovery: fault injection, fuzzing, source code auditing in C-based languages, instrumented investigation, tracing, and binary auditing of closed-source software. The book concludes with several especially sophisticated techniques, ranging from alternative payload strategies and database attacks to Unix kernel exploits. This stuff’s the real deal. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.