Conclusion
Server software is a common target for software exploit. Remote attacks against server software are extremely common—so common that a number of the basic attacks have been codified into simple tools. For an easier introduction to parts of the material we have covered
• Table of Contents
in this chapter, read Hacking Exposed [McClure et al., 1999].
•Index
TheExploitingroot Softwarecause atHowthetoheartBreakofCodethe server software problem is one of trusted input. Simply
put, server software that exposes its functionality to the Net must be built defensively, but it
ByGreg Hoglund,Gary McGraw
is only rarely. Instead, server software trusts its input to be both well formed and well
intentioned. Exploits that attack server software take advantage of assumptions made by the
Publisher: Addison Wesley
server soft ware to leverage trust, escalate privilege, and tamper with configurations.
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.