We’ve covered a lot of ground in this chapter, and you might be left with a lot of questions. Don’t worry—that’s a fine place to be. The following seven diary chapters delve into more detail on the topics introduced here and will answer many of your questions. You can also read through the appendixes for background information on various topics discussed throughout this book.
The diary chapters are not in chronological order. They’re arranged according to the subject matter so that the concepts build on one another.
[1] See Pedram Amini, “Mostrame la guita! Adventures in Buying Vulnerabilities,” 2009, http://docs.google.com/present/view?id=dcc6wpsd_20ghbpjxcr; Charlie Miller, “The Legitimate Vulnerability Market: Inside the Secretive World of 0-day Exploit Sales,” 2007, http://weis2007.econinfosec.org/papers/29.pdf; iDefense Labs Vulnerability Contribution Program, https://labs.idefense.com/vcpportal/login.html; TippingPoint’s Zero Day Initiative, http://www.zerodayinitiative.com/.
[2] See Daniel Hodson, “Uninitialized Variables: Finding, Exploiting, Automating” (presentation, Ruxcon, 2008), http://felinemenace.org/~mercy/slides/RUXCON2008-UninitializedVariables.pdf.
[3] See Common Weakness Enumeration, CWE List, CWE - Individual Dictionary Definition (2.0), CWE-415: Double Free at http://cwe.mitre.org/data/definitions/415.html.
[4] See http://www.hex-rays.com/idapro/.
[5] See Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 1: Basic Architecture at http://www.intel.com/products/processor/manuals/.