Index
Cover
Title Page
Copyright
Dedication
About the Authors
Credits
Acknowledgments
Introduction to the Second Edition
Part I: Introduction to Exploitation: Linux on x86
Chapter 1: Before You Begin
Basic Concepts
Recognizing C and C++ Code Constructs in Assembly
Conclusion
Chapter 2: Stack Overflows
Buffers
The Stack
Overflowing Buffers on the Stack
An Interesting Diversion
Using an Exploit to Get Root Privileges
Defeating a Non-Executable Stack
Conclusion
Chapter 3: Shellcode
Understanding System Calls
Writing Shellcode for the exit() Syscall
Injectable Shellcode
Spawning a Shell
Conclusion
Chapter 4: Introduction to Format String Bugs
Prerequisites
What Is a Format String?
What Is a Format String Bug?
Format String Exploits
Controlling Execution for Exploitation
Why Did This Happen?
Format String Technique Roundup
Conclusion
Chapter 5: Introduction to Heap Overflows
What Is a Heap?
Finding Heap Overflows
Conclusion
Part II: Other Platforms—Windows, Solaris, OS/X, and Cisco
Chapter 6: The Wild World of Windows
How Does Windows Differ from Linux?
Heaps
The Genius and Idiocy of the Distributed Common Object Model and DCE-RPC
Debugging Windows
Conclusion
Chapter 7: Windows Shellcode
Syntax and Filters
Setting Up
Popping a Shell
Why You Should Never Pop a Shell on Windows
Conclusion
Chapter 8: Windows Overflows
Stack-Based Buffer Overflows
Frame-Based Exception Handlers
Abusing Frame-Based Exception Handling on Windows 2003 Server
Stack Protection and Windows 2003 Server
Heap-Based Buffer Overflows
The Process Heap
Exploiting Heap-Based Overflows
Other Overflows
Exploiting Buffer Overflows and Non-Executable Stacks
Conclusion
Chapter 9: Overcoming Filters
Writing Exploits for Use with an Alphanumeric Filter
Writing Exploits for Use with a Unicode Filter
Exploiting Unicode-Based Vulnerabilities
The Venetian Method
Decoder and Decoding
Conclusion
Chapter 10: Introduction to Solaris Exploitation
Introduction to the SPARC Architecture
Solaris/SPARC Shellcode Basics
Solaris/SPARC Stack Frame Introduction
Stack-Based Overflow Methodologies
Stack Overflow Exploitation In Action
Heap-Based Overflows on Solaris/SPARC
Basic Exploit Methodology (t_delete)
Other Heap-Related Vulnerabilities
Heap Overflow Example
Other Solaris Exploitation Techniques
Conclusion
Chapter 11: Advanced Solaris Exploitation
Single Stepping the Dynamic Linker
Various Style Tricks for Solaris SPARC Heap Overflows
Advanced Solaris/SPARC Shellcode
Conclusion
Chapter 12: OS X Shellcode
OS X Is Just BSD, Right?
Is OS X Open Source?
OS X for the Unix-aware
OS X PowerPC Shellcode
OS X Intel Shellcode
OS X Cross-Platform Shellcode
OS X Heap Exploitation
Bug Hunting on OS X
Some Interesting Bugs
Essential Reading for OS X Exploits
Conclusion
Chapter 13: Cisco IOS Exploitation
An Overview of Cisco IOS
Vulnerabilities in Cisco IOS
Reverse Engineering IOS
Exploiting Cisco IOS
Conclusion
Chapter 14: Protection Mechanisms
Protections
Implementation Differences
Conclusion
Part III: Vulnerability Discovery
Chapter 15: Establishing a Working Environment
What You Need for Reference
What You Need for Code
What You Need for Investigation
What You Need to Know
Optimizing Shellcode Development
Conclusion
Chapter 16: Fault Injection
Design Overview
Fault Monitoring
Putting It Together
Conclusion
Chapter 17: The Art of Fuzzing
General Theory of Fuzzing
Weaknesses in Fuzzers
Modeling Arbitrary Network Protocols
Other Fuzzer Possibilities
SPIKE
Other Fuzzers
Conclusion
Chapter 18: Source Code Auditing: Finding Vulnerabilities in C-Based Languages
Tools
Automated Source Code Analysis Tools
Methodology
Vulnerability Classes
Beyond Recognition: A Real Vulnerability versus a Bug
Conclusion
Chapter 19: Instrumented Investigation: A Manual Approach
Philosophy
Oracle extproc Overflow
Common Architectural Failures
Bypassing Input Validation and Attack Detection
Windows 2000 SNMP DOS
Finding DOS Attacks
SQL-UDP
Conclusion
Chapter 20: Tracing for Vulnerabilities
Overview
Conclusion
Chapter 21: Binary Auditing: Hacking Closed Source Software
Binary versus Source-Code Auditing: The Obvious Differences
IDA Pro—The Tool of the Trade
Binary Auditing Introduction
Reconstructing Class Definitions
Manual Binary Analysis
Binary Vulnerability Examples
Conclusion
Part IV: Advanced Materials
Chapter 22: Alternative Payload Strategies
Modifying the Program
The SQL Server 3-Byte Patch
The MySQL 1-Bit Patch
OpenSSH RSA Authentication Patch
Other Runtime Patching Ideas
Upload and Run (or Proglet Server)
Syscall Proxies
Problems with Syscall Proxies
Conclusion
Chapter 23: Writing Exploits that Work in the Wild
Factors in Unreliability
Countermeasures
Conclusion
Chapter 24: Attacking Database Software
Network Layer Attacks
Application Layer Attacks
Running Operating System Commands
Exploiting Overruns at the SQL Level
Conclusion
Chapter 25: Unix Kernel Overflows
Kernel Vulnerability Types
0day Kernel Vulnerabilities
Solaris vfs_getvfssw() Loadable Kernel Module Traversal Vulnerability
Conclusion
Chapter 26: Exploiting Unix Kernel Vulnerabilities
The exec_ibcs2_coff_prep_zmagic() Vulnerability
Solaris vfs_getvfssw() Loadable Kernel Module Path Traversal Exploit
Conclusion
Chapter 27: Hacking the Windows Kernel
Windows Kernel Mode Flaws—An Increasingly Hunted Species
Introduction to the Windows Kernel
Common Kernel-Mode Programming Flaws
Windows System Calls
Communicating with Device Drivers
Kernel-Mode Payloads
Essential Reading for Kernel Shellcoders
Conclusion
Index