Upload Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз: Предмет: Файл:
Exploiting Software - How to Break Code.pdf
7.95 Mб

But Isn't This Too Dangerous?

It's important to emphasize that none of the information we discuss here is news to the hacker community. Some of these techniques are as old as the hills. Our real objective is to provide some eye-opening information and up the level of discourse in software security.

Table of Contents

SomesecurityIndexperts may worry that revealing the techniques described in this book will encourageExpl iting SoftwaremorepeopleHow to Breakto tryCodethem out. Perhaps this is true, but hackers have always had

better lines of communication and information sharing than the good guys. This information

ByGreg Hoglund,Gary McGraw

needs to be understood and digested by security professionals so that they know the

magnitude of the problem and they can begin to address it properly. Shall we grab the bull

Publisher: Addison Wesley

by the horns or put our head in the sand?

Pub Date: February 17, 2004

PerhapsISBN:this0-book201-78695will-8shock you. No matter what, it will educate you.

Pages: 512

How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.

Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.

This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about

Why software exploit will continue to be a serious problem

When network security mechanisms do not work

Attack patterns

Reverse engineering

Classic attacks against server software

Surprising attacks against client software

Techniques for crafting malicious input

The technical details of buffer overflows


Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break