Author Description

This Much-anticipated Revision, Written By The Ultimate Group Of Top Security Experts In The World, Features 40 Percent New Content On How To Find Security Holes In Any Operating System Or Applicationnew Material Addresses The Many New Exploitation Techniques That Have Been Discovered Since The First Edition, Including Attacking Unbreakable Software Packages Such As Mcafee's Entercept, Mac Os X, Xp, Office 2003, And Vistaalso Features The First-ever Published Information On Exploiting Cisco's Ios, With Content That Has Never Before Been Exploredthe Companion Web Site Fe Cover; Title Page; Copyright; Dedication; About The Authors; Credits; Acknowledgments; Introduction To The Second Edition; Part I: Introduction To Exploitation: Linux On X86; Chapter 1: Before You Begin; Basic Concepts; Recognizing C And C++ Code Constructs In Assembly; Conclusion; Chapter 2: Stack Overflows; Buffers; The Stack; Overflowing Buffers On The Stack; An Interesting Diversion; Using An Exploit To Get Root Privileges; Defeating A Non-executable Stack; Conclusion; Chapter 3: Shellcode; Understanding System Calls; Writing Shellcode For The Exit() Syscall; Injectable Shellcode Spawning A Shellconclusion; Chapter 4: Introduction To Format String Bugs; Prerequisites; What Is A Format String?; What Is A Format String Bug?; Format String Exploits; Controlling Execution For Exploitation; Why Did This Happen?; Format String Technique Roundup; Conclusion; Chapter 5: Introduction To Heap Overflows; What Is A Heap?; Finding Heap Overflows; Conclusion; Part Ii: Other Platforms-windows, Solaris, Os/x, And Cisco; Chapter 6: The Wild World Of Windows; How Does Windows Differ From Linux?; Heaps; The Genius And Idiocy Of The Distributed Common Object Model And Dce-rpc Debugging Windowsconclusion; Chapter 7: Windows Shellcode; Syntax And Filters; Setting Up; Popping A Shell; Why You Should Never Pop A Shell On Windows; Conclusion; Chapter 8: Windows Overflows; Stack-based Buffer Overflows; Frame-based Excepti