[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
•Table of Contents
•Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
%00u format token 2nd 3rd |
|
%n format token 2nd |
|
%s format string 2nd |
|
.CALL instruction |
|
.END instruction |
|
.ENTER instruction |
|
• |
Table of Contents |
.LEAVE instruction
• Index
.NET
Exploiting Software How to Break Code
and Java 2nd
ByGreg Hoglund,Gary McGraw extensibility of 2nd
future of
Publisher: Addison Wesley
.PROC instruction
Pub Date: February 17, 2004
.PROCEND instruction
/GS compilerISBN:option0-2012nd-786953rd-4th8 5th
_ _security_check_cookie function Pages: 512
_ _security_error_handler function _set_security_error_handler function 0day exploits
IDSs for
undisclosed
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
82439TX chips
82559 chips 2nd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
93C46 chips
techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Access
|
low-level disk 2nd |
||||
|
root |
|
|
||
|
to executable files 2nd |
|
|||
Access Control Lists (ACLs) |
|
||||
Access requirement audits |
|||||
• |
|
Table of Contents |
|||
Activating payloads 2nd |
|||||
• |
|
Index |
|||
Activation zones in injection vectors 2nd
Exploiting Software How to Break Code
Active armor
ByGreg Hoglund,Gary McGraw
ActiveX
and Web browsers 2nd
Publisher: Addison Wesley preloader, local filenames with
Pub Date: February 17, 2004 add_long_cmt function
Adding usersISBN: 0-201-78695-8
Address resolution protocol (ARP)
Pages: 512
cache poisoning attacks in packet leaking in 2nd
Address-based arithmetic 2nd
Addresses
effective
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
ADM (Association De Malfaiteurs)
ADM w0rm
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Administrator access, need for
techniques used by bad guys to break software. If you want to protect your software from
Adoption rates of technologies
attack, you must first learn how real attacks are really carried out.
Aggregation elements
AIX/PowerPC payloads 2nd 3rd 4th 5th
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Akkerman, Wichert
script kiddie treatment found in many hacking books, you will learn about
Alchemy Eye Network attacks 2nd
Allocated memory in heap overflows 2nd 3rd 4th 5th
AlternateWhyencodingsoftware[See Equivalentexploit willinputcontinueand requeststo] be a serious problem
Alternative IP addresses
When network security mechanisms do not work
AN/SP5-73 radar systems
Analog in-band switching signals
Attack patterns
Analytical Engine
AND operator
Reverse engineering
Anomaly-based IDSs 2nd
Anti-aircraft radar systems
Classic attacks against server software
Apache HTTPD, overflow in
API calls
Surprising attacks against client software
buffer overflow in 2nd
for reverse engineering
Techniques for crafting malicious input
mapping 2nd 3rd
tracingThe technical details of buffer overflows
API monitors for injection points 2nd
APISPYRootool tkits
Application security vs. software security
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
Application Service Provider (ASP) model of software licensing
software.
Applications vs. operating systems Applying attack patterns 2nd 3rd 4th 5th Architechtural flow 2nd 3rd
Arguments
expansion of, buffer overflow from in shell command injection
Arithmetic
address-based 2nd
buffer overflow from 2nd 3rd 4th 5th 6th
ARP (address resolution protocol) cache poisoning attacks in packet leaking in 2nd
ARPANET asp dot bug
ASP pages, embedding Perl within
Association De Malfaiteurs (ADM)
Assumptions
•Table of Contents in attack patterns 2nd
•Index
undermining
Exploiting Software How to Break Code at utility
ByGreg Hoglund,Gary McGraw
ATMEL 93C46 chips
Attaching to running processes 2nd
AttackPublisher:examplesAddison Wesley
adding a user with injection Pub Date: February 17, 2004
address-based arithmetic problem ISBN: 0-201-78695-8
alchemy eye network management software file system Pages: 512
alternate encoding triple dot in SpoonFTP
alternate encoding with ghost characters in FTP and Web servers
Apache HTTPD cookie buffer overflow
Baltimore Technologies MailSweeper
breaking Oracle 9i with a socket attack
How does software break? How do attackers make software break on purpose? Why are
buffer overflow in Internet Explorer 4.0 via EMBED tag
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
buffer overflow in TERM
What tools can be used to break software? This book provides the answers.
buffer overflow on a Cisco router running on a Motorola CPU
buffer qverflow in $HOME
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
building binary files using debug.exe with injection
techniques used by bad guys to break software. If you want to protect your software from
building text files with injection
attack, you must first learn how real attacks are really carried out.
C5 clear forward and seize in-band attack
Cold Fusion CFEXECUTE argument injection
This must-have book may shock you—and it will certainly educate you.Getting beyond the
combined encodings in CesarFTP
script kiddie treatment found in many hacking books, you will learn about
defined
dotless IP addresses in Internet Explorer
EasyNews PHP script XSS
Why software exploit will continue to be a serious problem
embedded Perl script that calls system() to execute netcat
embeddedWhenPerlnetworkscripts withinsecurityASP mechanisms do not work
embedded script in nonscript element from GNU mailman XSS
entrustAttackand injectionpatterns
escaped slashes in alternate encodings
ExcelReversehost () functionengineering
executable fonts
Classic attacks against server software
file traversal, query string, and GroupWise
file traversal, query string, and Hsphere
Surprising attacks against client software
filter failure in Taylor UUCP daemon
FTP glob()
Techniques for crafting malicious input
Horde IMP
Hotmail Java tag filtering
The technical details of buffer overflows
HPUX passwd
HTTP headers in webalizer XSS
Rootkits
Informix database file system
Exploitinginjection andSoftwareFTP is filled with the tools, concepts, and knowledge necessary to break
softwareinjection.and remote xterms injection and Tiny FTP (TFTP)
IPSwitch Imail, blind trusted mailbox name ixsso.query ActiveX object
Javascript alert dialog XSS keyboard buffer injection Libc in FreeBSD
local filenames and the ActiveX preloader
the Internet Explorer GetObject() call
Attack patterns 2nd
alternate encoding of leading ghost characters alternative IP addresses
API calls for buffer overflow applying 2nd 3rd 4th 5th argument injection attacker viewpoint 2nd binary resource files
•Table of Contents blueprints for disaster 2nd 3rd
•Index
boxes
Exploiting Software How to Break Code
C++ compiler example 2nd 3rd 4th 5th 6th 7th 8th 9th
ByGreg Hoglund,Gary McGraw
choosing
client invisibility
clientPublisher:-side injectionAddis andWesleybuffer overflow
command delimiters
Pub Date: February 17, 2004
configuration files
ISBN: 0-201-78695-8
for search paths Pages: 512
to run command to elevated privilege
content-based file system function injection
defined
direct access to executable files
embedding scripts
How does software break? How do attackers make software break on purpose? Why are
in nonscript elements
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
within scripts
What tools can be used to break software? This book provides the answers.
environment variables
for buffer overflow
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
manipulating
techniques used by bad guys to break software. If you want to protect your software from
escaped slashes in alternate encoding
attack, you must first learn how real attacks are really carried out.
executable code in nonexecutable files
filter failure through buffer overflow
This must-have book may shock you—and it will certainly educate you.Getting beyond the
global variables
script kiddie treatment found in many hacking books, you will learn about
HTTP cookies
HTTP query strings
in-band switching signals
Why software exploit will continue to be a serious problem
local command-line utilities for buffer overflow
localWhenfilenamesnetworkpassed tosecurityfunctionsmechanismsexpecting URLs do not work
lock picks in
metaAttack-characterspatternsin e-mail headers
MIME conversion
multipleReverseparsersengineeringand double escapes
open-systems view 2nd 3rd 4th 5th 6th
Classic attacks against server software
parameter expansion
postfix NULL terminators
Surprising attacks against client software
programs writing to privileged OS resources
relative path traversal
Techniques for crafting malicious input
session IDs, resource IDs, and blind trusts
simple script injection
The technical details of buffer overflows
slashes in alternate encoding 2nd
string format overflow in syslog
Rootkits
taxonomy of 2nd 3rd 4th
Exploitingtrust in 2ndSoftwareis filled with the tools, concepts, and knowledge necessary to break
softwareunicode.encoding
URL encoding 2nd user-controlled filenames
user-supplied variables passed to file system calls UTF-8 encoding
variable and tag overflow web logs
web server misclassification
XSS in HTTP headers
Attack signatures 2nd 3rd
Attacker
defined 2nd
hiding identity of 2nd in attack patterns 2nd intention
viewpoint Audit logs
•Table of Contents poisoning 2nd
•Index
truncation of
Exploiting Software How to Break Code
Auditing
ByGreg Hoglund,Gary McGraw
automatic and bulk 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
for directly executable files
humansPublisher:bestAddisonat Wesley
Authentication
Pub Date: February 17, 2004
multiple paths of
ISBN: 0-201-78695-8
session Pages: 512
Automated attacks
Automatic auditing 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
AUTORUN.INF file 2nd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Babbage, Charles
Backdoors
from worms history of
in attack patterns
•in flash ROMTable of Contents in outsourced software
•Index
on TFTP
Exploiting Software How to Break Code
on X Windows
ByGreg Hoglund,Gary McGraw prevalence of
Backslashes (\)
Publisher: Addison Wesley for Null terminators
Pub Date: February 17, 2004 in alternate encoding 2nd 3rd
in shellISBN:command0-201-injection78695-8
Backtracing 2nd 3rd
Pages: 512
Backwash attacks
Bad software 2nd
Bad Software (Kanar and Pels) Baggage handling systems
Banks, attacks on
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
BGP (Border Gateway Protocol) handlers
Big endian byte ordering
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
in MIPS processors
techniques used by bad guys to break software. If you want to protect your software from
vs. little endian
attack, you must first learn how real attacks are really carried out.
Binary files
overflow in 2nd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
patching 2nd
script kiddie treatment found in many hacking books, you will learn about
NT kernel 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
peephole patches 2nd 3rd
shellWhycommandsoftwareinjectionexploitfor 2ndwill3rd continue to be a serious problem
Binary flags for state
When network security mechanisms do not work
BIND, buffer overflows in
Biological defense models
Attack patterns
BIOS memory
Black box analysis
Reverse engineering
for reverse engineering 2nd
limitations of
Classic attacks against server software
vs. white box analysis
Black lists
Surprising attacks against client software
for input
vs. white lists 2nd
Techniques for crafting malicious input
BlackHat security conference
BlasterThewormtechnical details of buffer overflows
Blind trust 2nd bltzal instructionRootkits
Blue boxes 2nd 3rd
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
Blueprints for disaster 2nd 3rd
software.
bnel instruction Boot disk attacks
Border Gateway Protocol (BGP) handlers
Boron tags
checking for 2nd for security
in buffer overflow in code tracing
Branch delay
Branches
in AIX/PowerPC 2nd on PA-RISC 2nd
Bray, Brandon
Breakpoints
for input path tracing 2nd
in reverse engineering 2nd 3rd 4th in runtime tracing 2nd
•Table of Contents memory page
•Index
Browsing directories 2nd
Exploiting Software How to Break Code
Brute forcing session IDs
ByGreg Hoglund,Gary McGraw
BSD distribution, arithmetic problems in 2nd
Buffer overflow 2nd 3rd 4th
auditPublisher:truncationAddisonandWesleyfilters with
content-based 2nd 3rd
Pub Date: February 17, 2004
from arithmetic errors 2nd 3rd 4th 5th 6th ISBN: 0-201-78695-8
from environment variables 2nd 3rd Pages: 512
from format strings 2nd 3rd 4th 5th 6th 7th
from multiple operations
from parameter expansion
gets for
heap overflows 2nd 3rd 4th 5th
How does software break? How do attackers make software break on purpose? Why are
in BIND
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
in C++ 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
What tools can be used to break software? This book provides the answers.
in client software 2nd 3rd
in databases 2nd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
in domain name servers
techniques used by bad guys to break software. If you want to protect your software from
in embedded systems 2nd 3rd 4th
attack, you must first learn how real attacks are really carried out.
in helpctr.exe 2nd 3rd 4th 5th
in Java 2nd 3rd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
injection vectors in 2nd 3rd 4th 5th 6th
script kiddie treatment found in many hacking books, you will learn about
kernel
payloads in 2nd 3rd 4th 5th 6th 7th 8th
potential sources 2nd 3rd
Why software exploit will continue to be a serious problem
Prolog/Epilog code for 2nd 3rd 4th 5th 6th
securityWhenchecksnetworkfor security mechanisms do not work
stack overflow 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th
stateAttackcorruptionpatternsin 2nd
trampolining with [See Trampoline attack]
twoReverse-stage 2nd engineering
Buffers
Classic attacks against server software
keyboard, character injection in
shared, leaking data in 2nd 3rd
Surprising attacks against client software
tracing
Bug instantiations
Techniques for crafting malicious input
Bugs
defined
The technical details of buffer overflows
in open-systems view
per thousand lines of code 2nd 3rd
Rootkits
reports and fixes, as vulnerability sources
BugtraqExploitingmailingSoftwarelist is filled with the tools, concepts, and knowledge necessary to break
BuildingsoftwareSecure. Software (Viega and McGraw) 2nd 3rd 4th 5th 6th Bulk auditing 2nd 3rd 4th 5th 6th 7th 8th 9th 10th bulk_audit_sprintf.idc script 2nd 3rd 4th 5th
Burning out hardware Business software bv instruction
Byte code disassemblers
Byte operations
in reversing parser code 2nd
with pointers
•Table of Contents
•Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
C and C++ language
|
buffer overflow in |
|
|
escape codes in |
|
|
exploit example 2nd 3rd 4th 5th 6th 7th 8th 9th |
|
|
for Java 2nd |
|
• |
string handling routines in |
|
|
Table of Contents |
|
• |
vtables |
Index |
C5 (CCITT-5) signaling system 2nd
Exploiting Software How to Break Code
Call hooking
ByGreg Hoglund,Gary McGraw for backtracing 2nd 3rd
for hiding processes
Publisher: Addison Wesley for red pointing
Pub Date: February 17, 2004
for removing process records 2nd 3rd 4th IDTs ISBN: 0-201-78695-8
structure of 2nd Pages: 512
system calls
Call stacks for dead ends and runouts
Call throughs, registers for
can_read function 2nd
Canary values 2nd 3rd
How does software break? How do attackers make software break on purpose? Why are
defeating
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
Car engine control codes
Carriage returns in shell command injection
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Cascade interrupt
techniques used by bad guys to break software. If you want to protect your software from
Categories of subversive code
attack, you must first learn how real attacks are really carried out.
CCITT-5 (C5) signaling system 2nd
CD-ROM images 2nd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Cellular phones
script kiddie treatment found in many hacking books, you will learn about
CesarFTP server
CFEXECUTE tag
CFI (CommonWhy softwareFlash Interface)exploitfor chipwilldetectioncontinue2ndto be a serious problem
cgi programs
When network security mechanisms do not work
misclassification with
with Web servers
Attack patterns
Chaos theory
Character conversions
Reverse engineering
in equivalent requests 2nd 3rd 4th
in reversing parser code
Classic attacks against server software
Character injection 2nd 3rd
Character sets, hostile
Surprising attacks against client software
Chat clients for backtrace code 2nd
check_boron function 2nd
Techniques for crafting malicious input
check_password function
check_targetThe technicalfor string functiondetails2ndof 3rdbuffer overflows
Checked build environment
ChecksumsRootkitsfor payloads 2nd
Chipping cars
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
Chips, detecting 2nd 3rd 4th
software.
CIH virus 2nd 3rd 4th 5th 6th Cisco routers, buffer overflow in 2nd Classification
in attacks 2nd
of subversive code Client software 2nd
assumptions in 2nd
buffer overflows on 2nd 3rd content-based attacks on 2nd
cross-site scripting 2nd 3rd 4th 5th database
honeypots in 2nd 3rd
in-band signals for 2nd 3rd 4th 5th 6th 7th 8th invisibility of
scripts and malicious code with 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th server control of 2nd
Code address targets for injection vectors 2nd
•Table of Contents
Code coverage
•Index
for reverse engineering 2nd
Exploiting Software How to Break Code in runtime tracing
ByGreg Hoglund,Gary McGraw tools for 2nd 3rd 4th 5th 6th 7th
Code paths in FTP servers 2nd
CodePublisher:Red wormAddison2nd Wesley
Code tracing 2nd 3rd
Pub Date: February 17, 2004
API calls
ISBN: 0-201-78695-8
backtracing 2nd 3rd Pages: 512
boron tagging in
buffers
dead ends and runouts in
in server software 2nd 3rd 4th 5th 6th
leapfrogging in 2nd
How does software break? How do attackers make software break on purpose? Why are
memory page breakpoints in
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
program execution flow 2nd
What tools can be used to break software? This book provides the answers.
runtime 2nd
Code-signing errors in Java
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Cold Fusion, CFEXECUTE injection in
techniques used by bad guys to break software. If you want to protect your software from
Combined attacks with equivalent requests 2nd
attack, you must first learn how real attacks are really carried out.
Command and control activities
Command-line parameters
This must-have book may shock you—and it will certainly educate you.Getting beyond the
for executable files
script kiddie treatment found in many hacking books, you will learn about
for setuid
Commands and command lines
buffer overflow from 2nd 3rd
Why software exploit will continue to be a serious problem
delimiters in 2nd 3rd
in inputWhen network security mechanisms do not work
in JVMs
injectingAttack[SeepatternsShell command injection]
separators in
CommercialReversesystems,engineeringembedded systems in
Common Flash Interface (CFI) for chip detection 2nd
Classic attacks against server software
Common Runtime Language (CRL)
Communications systems
Surprising attacks against client software
embedded systems in
in software
Techniques for crafting malicious input
COMP.RISKS mailing list
Compiler flaw 2nd 3rd 4th 5th 6th 7th 8th 9th
The technical details of buffer overflows
Complex computational systems
Complexity
Rootkits
of computer models
Exploitingof software 2ndSoftwareis filled with the tools, concepts, and knowledge necessary to break
Componentsoftware.-based software
future of
logically distributed systems for Components in attack patterns 2nd Computation, future of 2nd Computer science theory 2nd
Computer Security Institute (CSI) survey
Computer-Related Risks (Neumann)
Concept virus
Conditional branches, code coverage tools for 2nd
Configuration files
for elevated privilege search paths in
server software trust in 2nd 3rd 4th 5th Connectivity of software 2nd Content-based attacks
buffer overflow 2nd 3rd
•Table of Contents on client software 2nd
•Index
Contexts for threads 2nd
Exploiting Software How to Break Code continue command
ByGreg Hoglund,Gary McGraw
Contract software
backdoors in
futurePublisher:of 2ndAddison Wesley
Control codes
Pub Date: February 17, 2004
for client software 2nd ISBN: 0-201-78695-8
for terminals 2nd Pages: 512
Controller chips, keyboard
Conversions
ASCII chart 2nd 3rd
character 2nd 3rd 4th 5th
MIME
How does software break? How do attackers make software break on purpose? Why are
Cookies
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
for session IDs
What tools can be used to break software? This book provides the answers.
overflow in 2nd
Coprocessor interrupt
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Copy protection schemes
techniques used by bad guys to break software. If you want to protect your software from
and reverse engineering
attack, you must first learn how real attacks are really carried out.
decompiling
Copyright law
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Copyright mechanisms, patching
script kiddie treatment found in many hacking books, you will learn about
Corrupting
log files
states 2nd
Why software exploit will continue to be a serious problem
Covert communication
Cowan,WhenCrispinnetwork2nd 3rd security mechanisms do not work
CPU registers
examiningAttack2ndpatterns
for boron tags 2nd
in injectionReversevectorsengineering2nd
in MIPS
Classic attacks against server software
in SPARC
Cracking tools
Surprising attacks against client software
Crafted input 2nd 3rd
audit poisoning with 2nd
Techniques for crafting malicious input
code tracing for 2nd 3rd 4th 5th 6th 7th
defending against 2nd
The technical details of buffer overflows
equivalent requests in [See Equivalent input and requests]
filters for 2nd
Rootkits
IDSs for 2nd 3rd 4th 5th
ExploitingmisclassificationSoftwarein 2nd is filled with the tools, concepts, and knowledge necessary to break
softwarepartition.analysis in 2nd 3rd
reversing parser code 2nd 3rd 4th 5th 6th 7th 8th 9th 10th CreateFile function
Cross-site scripting [See XSS (cross-site scripting)]
CRT_INIT function
Cryptography in geographically distributed systems
Cryptotrojan attacks
CSI (Computer Security Institute) survey
CVE vulnerabilities catalog
CWD (Current Working Directory)
for servers
redirection with
CyberCop tool
•Table of Contents
•Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Damage potential in open-systems view 2nd |
|
Data blocks in injection vectors |
|
Data bombs |
|
Data chains, character conversion in |
|
Data collection by subversive code |
|
Data encryption algorithms, publishing |
|
• |
Table of Contents |
Data files, buffer overflow in 2nd 3rd |
|
• |
Index |
Data leaking in shared buffers 2nd 3rd
Exploiting Software How to Break Code
Data sections for payloads 2nd
ByGreg Hoglund,Gary McGraw
Database buffer overflows 2nd
Dead ends in code tracing
Publisher: Addison Wesley
Dead listings for input path tracing
Pub Date: February 17, 2004
Debug logs for helpctr.exe
debug.exeISBN:program0-2012nd-786953rd -8
Debugging and debuggers
Pages: 512
for binary file building 2nd 3rd
for reverse engineering 2nd 3rd 4th 5th multithreading programs 2nd 3rd 4th rootkits as
tools for
How does software break? How do attackers make software break on purpose? Why are
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
Decompiler
What tools can be used to break software? This book provides the answers.
Decompiling 2nd
helpctr.exe 2nd 3rd 4th 5th
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
in reverse engineering
techniques used by bad guys to break software. If you want to protect your software from
Deferred procedure calls (DPCs)
attack, you must first learn how real attacks are really carried out.
Delay slot
Delayed coordinate embedding
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Delimiters 2nd 3rd 4th
script kiddie treatment found in many hacking books, you will learn about
Denial-of-service problems
Denver International Airport baggage handling system
Design-Whylevel vulnerabilitiessoftware exploit2nd will continue to be a serious problem
Destination buffers in helpctr.exe 2nd 3rd
When network security mechanisms do not work
Desynchronization of packets 2nd
Detecting
Attack patterns
chips 2nd 3rd 4th
code problems
Reverse engineering
rootkits
Developing Windows NT Device Drivers (Dekker and Newcomer)
Classic attacks against server software
Device drivers [See Drivers]
DialogProc function
Surprising attacks against client software
Digital Millennium Copyright Act (DMCA) 2nd
Digital rights management, limitations of
Techniques for crafting malicious input
Digital tradecraft 2nd 3rd
Dir commandThe technical details of buffer overflows
Direct access to executable files 2nd
DirectoriesRootkits
browsing 2nd
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
hiding 2nd 3rd
software.
permissions on redirecting
Disabling Windows system file protection
Disasm function
Disassembly 2nd 3rd
for buffer overflow 2nd
in reverse engineering 2nd 3rd Discriminator digits in phone systems Disk access, rootkits for 2nd
Disk controller interrupt
Distributed systems 2nd
Diversions by IDSs
DLL files
and fonts
buffer overflows from
DMCA (Digital Millennium Copyright Act) 2nd
Domain name servers (DNS)
•Table of Contents buffer overflows in
•Index
in attack patterns
Exploiting Software How to Break Code in shell command injection
ByGreg Hoglund,Gary McGraw
Dotless IP addresses
Double escapes in shell command injection
DPCsPublisher:(deferredAddisonprocedureWesleycalls)
Dr. Watson log file
Pub Date: February 17, 2004
Dr. Watson utility 2nd
ISBN: 0-201-78695-8
DrainOutputBuffer function 2nd
Pages: 512
DrawGLScene function
Drip-scans
DriverEntry function 2nd 3rd 4th 5th 6th 7th
Drivers
filter 2nd
How does software break? How do attackers make software break on purpose? Why are
for kernel rootkits 2nd 3rd 4th 5th 6th 7th 8th
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
for Trojan executable redirection 2nd 3rd 4th 5th 6th
What tools can be used to break software? This book provides the answers.
in reverse engineering
network support for 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
programs using 2nd
techniques used by bad guys to break software. If you want to protect your software from
registering 2nd 3rd
attack, you must first learn how real attacks are really carried out.
structure of 2nd
unloadable 2nd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Dumb terminals
script kiddie treatment found in many hacking books, you will learn about
dumpbin utility
Dumping memory 2nd
Dynamic execution for red pointing
Why software exploit will continue to be a serious problem
Dynamic jump tables for payloads 2nd
dyninstAPIWhentoolnetwork security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
E-mail attachments |
|
E-mail injection 2nd 3rd 4th |
|
ea_t types |
|
EasyNews scripts |
|
echo command |
|
Economic threats |
|
• |
Table of Contents |
EEPROM chips 2nd |
|
• |
Index |
burning out hardware
Exploiting Software How to Break Code
enabling read and write from ByGreg Hoglund,Gary McGraw in Ethernet cards 2nd 3rd 4th
manufacturers of
Publisher: Addison Wesley serial vs. parallel 2nd
Pub Date: February 17, 2004 timing in
EffectiveISBN:addresses,0-201structure-78695-8for
EFTP server, overflow in
Pages: 512
Electronic warfare
Elevated privilege problem 2nd 3rd 4th elitewrap program
EMBED tags
Embedded scripts 2nd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
future of 2nd
in cellular phones
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Emergent computation
techniques used by bad guys to break software. If you want to protect your software from
Encapsulation
attack, you must first learn how real attacks are really carried out.
future of 2nd
of OSs
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Encryption algorithms, publishing
script kiddie treatment found in many hacking books, you will learn about
End-user license agreements (EULAs)
Engine control code
EnumeratingWhy threadssoftwareand exploitprocesseswill2nd continue to be a serious problem
EnumSubKeys function 2nd 3rd 4th
When network security mechanisms do not work
Environment variables
buffer overflow in 2nd 3rd
Attack patterns
in server software 2nd 3rd 4th
Environmental effects 2nd 3rd
Reverse engineering
Equivalent input and requests
API layer mapping for 2nd 3rd
Classic attacks against server software
character conversion in 2nd 3rd 4th
combined attacks in 2nd
Surprising attacks against client software
ghost characters in 2nd 3rd
meta-characters in 2nd 3rd 4th
Techniques for crafting malicious input
on IDSs 2nd
Error codeThecheckingtechnicalin serverdetailssoftwareof buffer overflows
Error handling and recovery systems 2nd
EscapeRootkitscodes
in alternate encoding
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
in API calls
software.
in log files
in shell command injection 2nd meta-characters
with in-band signaling 2nd 3rd 4th Espionage 2nd 3rd
Ethernet cards, EEPROM in 2nd 3rd 4th
Ethernet scrubbing problem 2nd
EULAs (end-user license agreements)
Excel, host function in
Exception handling for buffer overflow
overwriting frames for exec function Executable code and files
direct access to 2nd in nonexecutable files in WINNT 2nd
•Table of Contents single stepping for 2nd
•Index
vs. source code
Exploiting Software How to Break Code execv function
ByGreg Hoglund,Gary McGraw
Exim, overflow in
Existing code in injection vectors
Exploit,Publisher:definedAddison Wesley
Exploits in attack patterns 2nd
Pub Date: February 17, 2004
Exposure in open-systems 2nd
ISBN: 0-201-78695-8
Expressions Pages: 512
for input path tracing 2nd
in shell command injection
Extensibility of software 2nd 3rd 4th
External branch instructions on PA-RISC
External input in software 2nd 3rd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
F00F bug
Failure recovery systems
Failure Simulation Tool (FST) 2nd
False positives in white box analysis |
|
Fault injection 2nd 3rd |
|
Fault-tolerant systems |
|
• |
Table of Contents |
Faults, leveraging
• Index
Feedback events
Exploiting Software How to Break Code
Felten, Ed 2nd 3rd
ByGreg Hoglund,Gary McGraw
Fenris tool 2nd
File handles for drivers
Publisher: Addison Wesley
File streams specifier, misclassification in
Pub Date: February 17, 2004
File systems 2nd
AlchemyISBN:Eye0-Network201-786952nd-8
directory browsing 2nd Pages: 512
filenames in Informix Database
injection attacks on 2nd traversal in 2nd
user-supplied variables passed to
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
buffer overflow in
code paths in 2nd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
ghost characters with
techniques used by bad guys to break software. If you want to protect your software from
filemon tool
attack, you must first learn how real attacks are really carried out.
Filenames
URLs replaced by 2nd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
XSS in
script kiddie treatment found in many hacking books, you will learn about
Files
controllable
hidingWhy2ndsoftware3rd exploit will continue to be a serious problem
FileSystemObject, attacks on
Filters When network security mechanisms do not work
drivers for 2nd
Attack patterns
for commands
for input 2nd
Reverse engineering
for server software input
in IDSs
Classic attacks against server software
in parsing
in shell command injection
Surprising attacks against client software
with buffer overflow
Financial threats
Techniques for crafting malicious input
Firewalls
as reactiveThe technicaltechnologydetails of buffer overflows
for port scans
limitationsRootkitofs
Firewalls and Internet Security (Cheswick, Bellovin, and Rubin)
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
Firmware exploitation
software.
First parallel port interrupt First serial port interrupt
Fixed-size buffers in stack overflow 2nd
Flash RAM, detecting
Flash ROM 2nd
Flaws
defined
in open-systems view Floating point unit interrupt
flog function
Floppy disk controller interrupt
Fluttering windows
FML mailing list archive 2nd FnDebugDispatch function 2nd Fonts, executable fOpenThread function
Forking processes
•Table of Contents
Format string vulnerabilities 2nd 3rd 4th 5th 6th 7th
• Index
Formatting poison pills
Exploiting Software How to Break Code
Forms, trust assumptions in
ByGreg Hoglund,Gary McGraw
Forwards, injection with
FoundScan tool
FragmentationPublisher: Addisonof packetsWesley
fread function
Pub Date: February 17, 2004
Free build environments
ISBN: 0-201-78695-8
free function Pages: 512
FreeBSD distribution
address-based arithmetic in 2nd
buffer overflow in
freedom to tinker site
FS register
How does software break? How do attackers make software break on purpose? Why are
FST (Failure Simulation Tool) 2nd
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
FTP (File Transfer Protocol) servers
What tools can be used to break software? This book provides the answers.
attacks on
buffer overflow in
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
code paths in 2nd
techniques used by bad guys to break software. If you want to protect your software from
ghost characters with
attack, you must first learn how real attacks are really carried out.
Function call nesting
Function return addresses in buffer overflow attacks
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Future of software
script kiddie treatment found in many hacking books, you will learn about
long-term 2nd 3rd
medium-term 2nd 3rd
short-term 2nd 3rd 4th 5th
Why software exploit will continue to be a serious problem
threads in
fwrite functionWhen network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Gates
GDB tool 2nd 3rd 4th 5th 6th
General problems
General registers in SPARC
Generic rules in injection vectors
Geographically distributed systems |
|
• |
Table of Contents |
Geopolitics in indirection |
|
• |
Index |
GET requests
Exploiting Software How to Break Code
in PHP
ByGreg Hoglund,Gary McGraw
segmented
get_func_qty function
Publisher: Addison Wesley get_user_defined_prefix function 2nd
Pub Date: February 17, 2004 getFilenameDialog function 2nd
getn_funcISBN:function0-201-78695-8
GetObject function 2nd
Pages: 512
getopt function GetProcAddress function gets function
Ghost characters 2nd 3rd
glob function
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
in buffer overflow attacks
in PHP 2nd 3rd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
GlobalAlloc function
techniques used by bad guys to break software. If you want to protect your software from
GNU Mailman, embedded scripts in
attack, you must first learn how real attacks are really carried out.
GOT (global offset table) pointers
Graphing
This must-have book may shock you—and it will certainly educate you.Getting beyond the
for reverse engineering software
script kiddie treatment found in many hacking books, you will learn about
phase space analysis 2nd 3rd 4th
Gray box analysis
for inputWhypathsoftwaretracing exploit will continue to be a serious problem
for reverse engineering 2nd 3rd
When network security mechanisms do not work
on Microsoft SQL Server 2nd 3rd
grep tool
Attack patterns
GroupWise, file traversal in
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Hackers
defined
Hacking Exposed (McClure, Scambray, and Kurtz) 2nd 3rd 4th 5th |
||
Hailstorm tool 2nd 3rd |
||
Handle inheritance |
|
|
Hard-coded function calls for payloads |
||
• |
Table of Contents |
|
Hardware viruses 2nd 3rd |
||
• |
Index |
|
burning out hardware
Exploiting Software How to Break Code
chip detection 2nd 3rd 4th ByGreg Hoglund,Gary McGraw
CIH 2nd 3rd 4th 5th
EEPROM in
Publisher: Addison Wesley
enabling read/write from
Pub Date: February 17, 2004
Ethernet cards 2nd 3rd 4th
manufacturersISBN: 0-201-of78695-8
serial vs. parallel 2nd Pages: 512
reading and writing hardware memory 2nd 3rd 4th 5th 6th 7th 8th Hash loading for payloads 2nd
Hayes modem protocol, reflection problem with
Headers
e-mail 2nd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
HeapFree function 2nd
helpctr.exe, reversing 2nd 3rd 4th 5th
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Hiding
techniques used by bad guys to break software. If you want to protect your software from
attacker identity 2nd
attack, you must first learn how real attacks are really carried out.
files and directories 2nd 3rd
processes
This must-have book may shock you—and it will certainly educate you.Getting beyond the
rootkit programs
script kiddie treatment found in many hacking books, you will learn about
storage files
High-potency attacks in open-systems view
HighlandWhyaddressessoftware exploit will continue to be a serious problem
History of software 2nd 3rd 4th
When network security mechanisms do not work
Hollingsworth, Jeff
Holodeck tool
Attack patterns
HOME environment variable
Honeypots 2nd 3rd
Reverse engineering
Hooking [See Call hooking]
Horde IMP, injection with 2nd
Classic attacks against server software
host function
Host-based fault injectors
Surprising attacks against client software
Hostile character sets
Hostile statement sets
Techniques for crafting malicious input
HOSTNAME environment variable
Hot fixesThe technical details of buffer overflows
Hotmail, injection with
House ofRootklogic its
Howard, Michael 2nd
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
HPUX
software.
buffer overflow in
self-decrypting payloads on 2nd 3rd HSphere, file traversal in
HTML
escape codes for injection with maxsize attribute in
HTTP
cookies in 2nd
headers in
query strings in 2nd
hunt_address function 2nd 3rd 4th 5th
•Table of Contents
•Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
I LOVE YOU virus 2nd 3rd
I-Planet Server, decompiling 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
IceCast MP3 Server, URL encoding in
ID mode for chip detection 2nd 3rd
IDA (Interactive Disassembler)
• |
batch analysis with 2nd 3rd 4th 5th 6th 7th 8th |
|
Table of Contents |
||
|
for decompiling 2nd |
|
• |
Index |
|
|
||
for input path tracing
Exploiting Software How to Break Code
for mapping runtime memory addresses ByGreg Hoglund,Gary McGraw
for partition analysis
for signed/unsigned mismatches 2nd
Publisher: Addison Wesley for white box analysis
Pub Date: February 17, 2004
plugins for 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th trackingISBN:work0-201with-78695-8
IDC scripts 2nd 3rd 4th 5th 6th 7th 8th
Pages: 512
IDE channel interrupts 2nd
Identity, hiding 2nd
IDSs (intrusion detection systems) alternate encodings with 2nd
as reactive subscription services 2nd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
IDTs (Interrupt Descriptor Tables), hooking
IDv3 tags
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
IIS Server
techniques used by bad guys to break software. If you want to protect your software from
elevated privileges in
attack, you must first learn how real attacks are really carried out.
unicode encodings in
ILoveYou virus 2nd 3rd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Implicit trust assumption
script kiddie treatment found in many hacking books, you will learn about
In instruction
In registers in SPARC
In-bandWhysignalssoftware exploit will continue to be a serious problem
C5 attack example 2nd
When network security mechanisms do not work
for character injection 2nd 3rd
history of 2nd
Attack patterns
in cross-site scripting 2nd 3rd 4th 5th
reflection with
Reverse engineering
uses of 2nd
with printers 2nd
Classic attacks against server software
include function
Indirection in attack patterns 2nd
Surprising attacks against client software
info command 2nd
info reg command 2nd
Techniques for crafting malicious input
Information warfare (IW) 2nd 3rd 4th
InformixTheDatabasetechnical details of buffer overflows
Inheritance, permission
init functionRootkits
Injection
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
character 2nd 3rd
software.
command [See Shell command injection] e-mail 2nd 3rd 4th
on file systems 2nd Injection points 2nd Injection vectors 2nd
code address targets for 2nd existing code in
in attack patterns 2nd number representation in
registers in 2nd Input files, finding Input tracing
in reverse engineering 2nd
in server software 2nd 3rd 4th 5th 6th Input/output request packets (IRPs) Inputs
crafted [See Crafted input]
•Table of Contents in black box analysis
•Index
in open-systems view
Exploiting Software How to Break Code in partition analysis
ByGreg Hoglund,Gary McGraw
Inside-out breakpoints
Instruction pointers
inPublisher:MIPS processorsAddison2ndWesley
injection vectors with 2nd 3rd Pub Date: February 17, 2004
Intel interrupt request architecture 2nd 3rd
ISBN: 0-201-78695-8
Intellectual property laws
Pages: 512
Intelligence gathering 2nd 3rd
Intelligent devices
Inter-space branching 2nd
Inter-space trampolines
Interactive Disassembler [See IDA (Interactive Disassembler)]
How does software break? How do attackers make software break on purpose? Why are
Interactive shells 2nd
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
Internal states
What tools can be used to break software? This book provides the answers.
in software 2nd
mapping 2nd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Internet
techniques used by bad guys to break software. If you want to protect your software from
adoption rate of
attack, you must first learn how real attacks are really carried out.
connectivity with [See Connectivity]
security on
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Internet Explorer
script kiddie treatment found in many hacking books, you will learn about
content-based attacks on
dotless IP addresses in
GetObject call in 2nd
Why software exploit will continue to be a serious problem
Internet toaster
InterruptWhenDescriptornetworkTablessecurity(IDTs), hookingmechanisms do not work
Interrupt request (IRQ) architecture 2nd 3rd
InterruptsAttack patterns
IDT hooking
IRQReversearchitectureengineering2nd 3rd
Programmable Interrupt Controllers 2nd
Classic attacks against server software
Intrusion Detection Systems (IDSs)
alternate encodings with 2nd
Surprising attacks against client software
as reactive subscription services 2nd
failures of
Techniques for crafting malicious input
signature-based vs. anomaly-based 2nd
signatures in
The technical details of buffer overflows
Invisibility of clients
Inward operators
Rootkits
IP addresses
Exploitingalternative Softwareis filled with the tools, concepts, and knowledge necessary to break
softwarein attack. patterns IPSwitch Imail, blind trusts in
IRC.DLL for backtrace code 2nd
IRPs (input/output request packets)
IRQ (interrupt request) architecture 2nd 3rd
ISO9660 file system
ITS4 program IXIA tool ixsso.query object
•Table of Contents
•Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Java
|
and .NET 2nd |
|
|
|
buffer overflow in 2nd 3rd |
||
|
byte code disassemblers for |
||
|
extensibility of |
|
|
• |
security. [See Security,Java] |
||
Table of Contents |
|||
Java Virtual Machine (JVM) |
|||
• |
Index |
||
buffer overflows in 2nd 3rd
Exploiting Software How to Break Code
encapsulation of
ByGreg Hoglund,Gary McGraw extensibility of
Javascript, alert dialog attack in
Publisher: Addison Wesley
JEDEC ID mode 2nd 3rd
Pub Date: February 17, 2004 jedec_read_id function
jedec_readISBN:mfr0-function201-78695-8
jedec_reset function Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
KeCancelTimer function
Kernel
|
buffer overflows |
||
|
in reverse engineering |
||
|
infecting images of |
|
|
• |
modifying Table of Contents |
||
• |
patching 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th |
||
Index |
|||
Kernel rootkits 2nd
Exploiting Software How to Break Code
building
ByGreg Hoglund,Gary McGraw checked build environment for
drivers for 2nd 3rd 4th 5th 6th 7th 8th
Publisher: Addison Wesley files for
Pub Date: February 17, 2004 writing
Kernel-modeISBN:debugger0-201-78695-8
KERNEL32.DLL
Pages: 512
KeSetTimerEx function
KeStallExecutionProcessor function
Key logging 2nd
Keyboard buffer injection
Keyboards
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
reading and writing to 2nd 3rd 4th 5th 6th 7th
Keystroke monitors
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
KLOC (thousand lines of code) in bug rates 2nd 3rd
techniques used by bad guys to break software. If you want to protect your software from
Knowledge-driven models
attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Language-based attacks
LD_LIBRARY_PATH environment variable 2nd |
||
ldil instruction |
|
|
ldo instruction 2nd 3rd |
||
Leading ghost characters |
||
Leaf functions 2nd |
|
|
• |
Table of Contents |
|
Leaking data in shared buffers 2nd 3rd |
||
• |
Index |
|
Leapfrogging in code tracing 2nd
Exploiting Software How to Break Code
LED keyboard indicators 2nd 3rd 4th 5th 6th 7th
ByGreg Hoglund,Gary McGraw
Legality of reverse engineering 2nd 3rd
Leveraging faults
Publisher: Addison Wesley li instruction
Pub Date: February 17, 2004 libc module
LicensingISBN: 0-201-78695-8
and reverse engineering Pages: 512
ASP model of
Linkage on PA-RISC
Linux
key loggers in
terminal character injection in 2nd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
in MIPS processors
vs. big endian
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
load_file function 2nd
techniques used by bad guys to break software. If you want to protect your software from
Loadable kernel modules (lkms)
attack, you must first learn how real attacks are really carried out.
LoadLibrary function
Local branch instructions on PA-RISC
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Local calls, weak 2nd 3rd 4th 5th
script kiddie treatment found in many hacking books, you will learn about
Local command-line utilities 2nd
Local filenames, URLs replaced by 2nd
Local registersWhy softwarein SPARC exploit will continue to be a serious problem
Local sockets 2nd
When network security mechanisms do not work
Location-based computation 2nd
Lock picks
Attack patterns
Log files
corrupting
Reverse engineering
for server software
manipulating 2nd
Classic attacks against server software
overflow in
privileges for 2nd
Surprising attacks against client software
Logging, key 2nd
Logic bombs
Techniques for crafting malicious input
Logical program flow
LogicallyThedistributedtechnicalsystemsdetails of buffer overflows
Long-term future of software
Love BugRootkvirusits
Lovelace, Ada 2nd
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
Low-level disk access 2nd
software.
Lowland addresses
lr register in AIX/PowerPC ls command
lsof command lstrcpy function finding
in reverse engineering ltrace tool
Lunt, Teresa
•Table of Contents
•Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Machine code disassemblers 2nd 3rd
Mailing lists
MailSweeper, injection with
Malicious input, crafting [See Crafted input] |
||
malloc function 2nd |
|
|
Managed-writable mechanism |
||
• |
Table of Contents |
|
Manufacturers, EEPROM |
||
• |
Index |
|
Mapping
Exploiting Software How to Break Code
API layer 2nd 3rd
ByGreg Hoglund,Gary McGraw internal states 2nd
memory 2nd 3rd
Publisher: Addison Wesley network
Pub Date: February 17, 2004 runtime memory addresses
Mars LanderISBN: 0-201-78695-8
Master boot record (MBR), reading and writing
Pages: 512
maxsize attribute
Measurement in reverse engineering
Medium-term future of software 2nd 3rd
Melissa virus
memcpy function
How does software break? How do attackers make software break on purpose? Why are
Memory
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
dumping 2nd
hardware, reading and writing 2nd 3rd 4th 5th 6th 7th 8th
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
in reverse engineering 2nd
techniques used by bad guys to break software. If you want to protect your software from
management of 2nd 3rd 4th 5th 6th
attack, you must first learn how real attacks are really carried out.
process snapshots for 2nd 3rd 4th 5th 6th
writing to
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Memory mapping
script kiddie treatment found in many hacking books, you will learn about
for Trojan files 2nd 3rd
runtime
MemoryWhypage softwarebreakpointsexploit will continue to be a serious problem
Message pumps
When network security mechanisms do not work
Meta-characters
in e-mail headers 2nd
Attack patterns
in equivalent requests 2nd 3rd 4th
in parsing
Reverse engineering
meta-characters and the FML mailing list archive
microsoft Outlook view control
Classic attacks against server software
misclassification in NTFS file streams specifier
mples: Internet Explorer 2nd
Surprising attacks against client software
Outlook XP and HTML on reply or forward
overflow binary resource file in Netscape
Techniques for crafting malicious input
overflow variables and tags in Exim
overflowThe technicalvariables anddetailstags in MidiPlugof buffer overflows
overflow with symbolic links in EFTP server
PHPRootkitscommand injection using delimiters
PHP global variables
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
PostNuke content management system XSS
software.
scheduling a process with injection Scripting.FileSystemObject Scriptlet.TypeLib
Sendmail overflow simple script injection
slashes in alternate encodings Solaris getopt
Syslog()
the Outlook application object
Unicode encodings in the IIS server
UNIX environment variable
URL encodings in IceCast MP3 server
URL encodings in Titan application firewall
Wscript.Network
WScript.Shell
XSS in MP3 files and spreadsheets
Xtlib
•Table of Contents
mflr register
•Index
Micromachines
Exploiting Software How to Break Code
Microsoft compiler flaw 2nd 3rd 4th 5th 6th 7th 8th 9th
ByGreg Hoglund,Gary McGraw
Microsoft Developer Network (MSDN)
Microsoft IIS Server
elevatedPublisher:privilegesAddisoninWesley
unicode encodings in
Pub Date: February 17, 2004
Microsoft operating systems, lines of code in
ISBN: 0-201-78695-8
Microsoft SQL Server 7, gray box analysis for 2nd
Pages: 512
MidiPlug, overflow in
Military sites
honeypots in 2nd
telephone system infiltration
Military systems
How does software break? How do attackers make software break on purpose? Why are
aircraft 2nd
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
embedded
What tools can be used to break software? This book provides the answers.
MIME conversions
MIPS instructions 2nd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
MIPS-based payload construction
techniques used by bad guys to break software. If you want to protect your software from
Misclassification 2nd
attack, you must first learn how real attacks are really carried out.
Missile systems
Mitnick, Kevin
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Mobile code 2nd 3rd 4th 5th 6th
script kiddie treatment found in many hacking books, you will learn about
Modeling computers
Monitor programs for injection points 2nd
Motorola CPU, buffer overflow in
Why software exploit will continue to be a serious problem
Mouse interrupt
MP3
files,WhenXSS innetwork security mechanisms do not work
MSDN (Microsoft Developer Network)
MultibyteAttacknumberpatternsrepresentation
Multiplatform payloads 2nd 3rd
MultipleReverseoperations,engineeringbuffer overflow from
Multiple parsers in shell command injection
Classic attacks against server software
Multiple paths of authentication
Multiple-command trick
Surprising attacks against client software
Multithreaded programs 2nd 3rd 4th
Munging data
Techniques for crafting malicious input
MV-22 Osprey 2nd
MyDialogProc function 2nd
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
NASA Mars Lander |
|
Navigation systems |
|
NDIS library 2nd 3rd |
|
NdisOpenAdapter function |
|
NdisRegisterProtocol function |
|
NdisRequest function 2nd |
|
• |
Table of Contents |
Negative values, buffer overflow from 2nd
• Index
Nesting function calls
Exploiting Software How to Break Code
net start _root_ command ByGreg Hoglund,Gary McGraw net stop _root_ command
netcat program 2nd 3rd
Publisher: Addison Wesley
Netscape I-Planet Application Server, decompiling 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
Pub Date: February 17, 2004
Netscape, overflow in
netstat commandISBN: 0-2012nd-78695-8
Netterm program
Pages: 512
Network cards
EEPROM in 2nd 3rd 4th finding 2nd 3rd 4th 5th 6th
Network sniffers
for IDSs
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
Network-based fault injectors
Network-based software
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Networks
techniques used by bad guys to break software. If you want to protect your software from
adoption rate of 2nd
attack, you must first learn how real attacks are really carried out.
code for
for driver support 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
This must-have book may shock you—and it will certainly educate you.Getting beyond the
mapping
script kiddie treatment found in many hacking books, you will learn about
scanning
NIDES intrusion detection system
NIMDAWhyworm software exploit will continue to be a serious problem
nmap port scanner
When network security mechanisms do not work
Nonexecutable files
Nonexecutable stacks 2nd 3rd
Attack patterns
nop instructions
in AIX/PowerPC
Reverse engineering
in SPARC 2nd
NOT operator
Classic attacks against server software
NTFS file streams specifier
NULL buffers in helpctr.exe
Surprising attacks against client software
NULL characters and terminators
in AIX/PowerPC
Techniques for crafting malicious input
in buffer overflow 2nd 3rd
in MIPSTheopcodestechnical2nd details of buffer overflows
in payloads 2nd
in reversingRootkitsparser code
in stack overflow 2nd 3rd 4th 5th 6th 7th 8th
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
postfix 2nd
software.
Number representation in injection vectors
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Object sharing, design-level vulnerabilities in
Objects, future of 2nd
Observability 2nd
Observable effects, removing
Off-by-one NULL termination 2nd 3rd 4th 5th |
|
Oil tankers, embedded systems in |
|
• |
Table of Contents |
OllyDbg tool |
Index |
• |
|
OnOpenAdapterDone function
Exploiting Software How to Break Code
OnOpenAdapterOne function
ByGreg Hoglund,Gary McGraw
OnStubDispatch function 2nd
OnUnload function 2nd 3rd
Publisher: Addison Wesley
Opcodes
Pub Date: February 17, 2004
Open dynamical systems
open functionISBN:in0-shell201-78695command-8 injection
Open shortest path first (OSPF), buffer overflow in
Pages: 512
Open-ended systems
Open-systems view 2nd 3rd
damage potential in 2nd exposure and potency in 2nd
risk in 2nd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
Operating systems
encapsulation of
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
extensibility of
techniques used by bad guys to break software. If you want to protect your software from
future of 2nd
attack, you must first learn how real attacks are really carried out.
integration of
Oracle 9i
This must-have book may shock you—and it will certainly educate you.Getting beyond the
OS stack identification in attack patterns 2nd
script kiddie treatment found in many hacking books, you will learn about
OSPF (open shortest path first), buffer overflow in
Osprey aircraft, software failures in 2nd
Out instructionWhy software exploit will continue to be a serious problem
Out registers in SPARC
When network security mechanisms do not work
Outlook application, injection with 2nd
Outlook View Control, injection with
Attack patterns
Output events in attack patterns
Output points in partition analysis
Reverse engineering
Outside-in breakpoints
Outsourced software
Classic attacks against server software
backdoors in
future of 2nd
Surprising attacks against client software
Overflow, buffer [See Buffer overflow]
Overwriting
Techniques for crafting malicious input
exception handler frames
memoryThe headerstechnical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
PA-RISC payloads
|
construction of 2nd |
|||
|
inter-space branching on 2nd |
|||
|
inter-space trampolines with |
|
||
|
location of 2nd 3rd |
|
||
• |
stacks in 2nd 3rd |
|
||
Table of Contents |
||||
Packets
• Index
desynchronization of 2nd
Exploiting Software How to Break Code
leaking data in 2nd
ByGreg Hoglund,Gary McGraw
Parallel EEPROM 2nd
Parallel port interrupts
Publisher: Addison Wesley
Parameters
Pub Date: February 17, 2004 expansion of, buffer overflow from
in shellISBN:command0-201-injection78695-8
Parser code, reversing [See Crafted input;Reversing parser code]
Pages: 512
Parsing
buffer overflows from commands delimiters for
Partition analysis 2nd 3rd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
Patches
binary code 2nd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
NT kernel 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
techniques used by bad guys to break software. If you want to protect your software from
peephole patches 2nd 3rd
attack, you must first learn how real attacks are really carried out.
finding
in reverse engineering 2nd 3rd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Patents
script kiddie treatment found in many hacking books, you will learn about
PATH environment variable
Patterns [See also Attack patterns]
PayloadsWhy software exploit will continue to be a serious problem
activation of 2nd 3rd
When network security mechanisms do not work
in buffer overflow 2nd 3rd
checksum/hash loading for 2nd
Attack patterns
dynamic jump tables for 2nd hard-coded function calls for
Reverse engineering
size of
XOR protection for
Classic attacks against server software
in injection vectors 2nd 3rd 4th 5th
memory locations for 2nd 3rd 4th
Surprising attacks against client software
on RISC architectures
branch delay with
Techniques for crafting malicious input
in AIX/PowerPC 2nd 3rd 4th 5th
inThePA-RISCtechnical2nd 3rddetails4th 5th 6thof buffer7th 8th 9thoverflows
in SPARC 2nd 3rd 4th
instructionRootkitslocations in 2nd
MIPS instructions 2nd
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
on HPUX 2nd 3rd
software.
PCL (printer control language) codes PDAs, embedded systems in Peephole patches 2nd 3rd
Perl
embedding within ASP pages system calls in 2nd
taint mode in 2nd Permissions
on directories
with ACLs Person-in-the-middle attacks Phase space analysis 2nd 3rd 4th Phone phreaks
Phone systems
blue boxes for 2nd 3rd in-band signals with 2nd 3rd
PHP
•Table of Contents command injection in
•Index
global variables in 2nd 3rd
Exploiting Software How to Break Code
Phrack Magazine, 2nd 3rd 4th
ByGreg Hoglund,Gary McGraw
Physical memory, writing to
Physical security
PICsPublisher:(ProgrammableAddisonInterruptWesleyControllers) 2nd
PIDs (process identifications)
Pub Date: February 17, 2004
for threads
ISBN: 0-201-78695-8
in GDB
Pages: 512 Ping packets
PIT tool
Pointers and pointer operations
buffer overflow from 2nd 3rd 4th 5th 6th 7th
byte operations with
How does software break? How do attackers make software break on purpose? Why are
in Prolog/Epilog
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
in reversing parser code
What tools can be used to break software? This book provides the answers.
Poison pills
poll function
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Polymorphism
techniques used by bad guys to break software. If you want to protect your software from
Pop-up windows from injection
attack, you must first learn how real attacks are really carried out.
Port scans 2nd
Ports on controller chips
This must-have book may shock you—and it will certainly educate you.Getting beyond the
POST requests
script kiddie treatment found in many hacking books, you will learn about
Postfix NULL terminators 2nd
PostNuke content management system
Potency in open-systems view 2nd
Why software exploit will continue to be a serious problem
Preloader, local filenames with
PrimaryWhenIDE channelnetworkinterruptsecurity mechanisms do not work
Primary opcodes
PrincipleAttackof leastpatternsprivilege
limitations of
whiteReverselisting inengineering
Printer control language (PCL) codes
Classic attacks against server software
Printers and printing
data from memory 2nd 3rd
Surprising attacks against client software
in-band signals with 2nd
printf function
Techniques for crafting malicious input
Privileged resources
attacking
The technical details of buffer overflows
in server software 2nd 3rd 4th
programs writing to
Rootkits
Privilige escalation 2nd 3rd 4th
ProcessExploitingidentificationsSoftware(PIDs)is filled with the tools, concepts, and knowledge necessary to break
softwarefor threads.
in GDB
Process injection for hiding programs
Process records, removing 2nd 3rd 4th
Process-permissions equal trusts
Processes
attaching to 2nd enumerating 2nd
for reading from untrusted sources
hiding
in reverse engineering 2nd 3rd 4th 5th 6th scheduling on server software 2nd spawning, handle inheritance in
Program execution flow, single stepping for 2nd
Program structure and logic, reverse engineering for 2nd
Programmable Interrupt Controllers (PICs) 2nd
Programs using drivers 2nd
•Table of Contents
Prolog/Epilog code 2nd
•Index
canary values in 2nd 3rd
Exploiting Software How to Break Code nonexecutable stacks in 2nd 3rd
ByGreg Hoglund,Gary McGraw
Promiscuous mode 2nd
Protocol clarity in packet defragmentation
PROTOSPublishetoolr: Addison Wesley
PS/2 mouse interrupt
Pub Date: February 17, 2004
Purify tool 2nd
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Quality assurance (QA) testing limitations of
overlooking Query strings
in file system attacks
•XSS in 2nd Table of Contents
QueryDirectoryFile function
• Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Race conditions detecting
in geographically distributed systems Radar systems
embedded systems in
•flash ROM inTable of Contents
Raw packet interfaces, Java support for
• Index
Reactive subscription services, IDSs as 2nd
Exploiting Software How to Break Code
Reactive technologies
ByGreg Hoglund,Gary McGraw read function
Reading
Publisher: Addison Wesley enabling, EEPROM for
Pub Date: February 17, 2004 from untrusted sources
hardwareISBN:memory0-201-786952nd 3rd-84th 5th 6th 7th 8th
master boot record Pages: 512
memory in reverse engineering 2nd ReadProcessMemory function ReadRegistry function 2nd 3rd Real-time clock interrupt
Rebooting for removing observable effects
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
Red pointing 2nd
Redirection
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
directory
techniques used by bad guys to break software. If you want to protect your software from
executing
attack, you must first learn how real attacks are really carried out.
server-side page references
Trojan executables 2nd 3rd 4th 5th 6th 7th
This must-have book may shock you—and it will certainly educate you.Getting beyond the
with CWD
script kiddie treatment found in many hacking books, you will learn about
Reference monitors
Reflection
againstWhytrustedsoftwaresites exploit will continue to be a serious problem
with in-band signals
When network security mechanisms do not work
Registering
drivers 2nd 3rd
Attack patterns
unload routines
Registers
Reverse engineering
examining 2nd
for boron tags 2nd
Classic attacks against server software
in buffer overflow 2nd
in MIPS
Surprising attacks against client software
in SPARC
Registry keys
Techniques for crafting malicious input
as attack targets
controllableThe technical details of buffer overflows
regmon tool
RegularRootkitsexpressions
Relative path injection
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
Relative path traversal
software.
Release guards Remote attacks 2nd
Remote procedure calls (RPCs)
Remote xterms with server software
Removing
observable effects
process records 2nd 3rd 4th Ren, Chris
Replies, injection with
report_out.txt file 2nd 3rd require function
ResetPC function
Resource files, executable code in
Resource IDs
ret instruction Return addresses
for injection vectors
•Table of Contents in buffer overflow attacks
•Index
Reverse compilers [See Source code;Decompilers]
Exploiting Software How to Break Code
Reverse engineering 2nd 3rd
ByGreg Hoglund,Gary McGraw
access requirement audits in
API resources for
automaticPublisher:bulkAddisonauditingWesleyin 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
black box analysis for 2nd Pub Date: February 17, 2004
breakpoints for 2nd 3rd 4th ISBN: 0-201-78695-8
code coverage for 2nd 3rd 4th 5th 6th 7th 8th 9th Pages: 512
cracking tools for 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th
debuggers for 2nd 3rd 4th 5th
decompiling in 2nd 3rd 4th 5th 6th 7th
development of
disassembling in 2nd 3rd
How does software break? How do attackers make software break on purpose? Why are
fault injection in 2nd 3rd
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
graphing for
What tools can be used to break software? This book provides the answers.
gray box analysis for 2nd 3rd
I-Planet Server 2nd 3rd 4th 5th 6th
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
IDA plugins for 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th
techniques used by bad guys to break software. If you want to protect your software from
input tracing for 2nd
attack, you must first learn how real attacks are really carried out.
kernel access in
leaking buffer data in 2nd 3rd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
legality of 2nd 3rd
script kiddie treatment found in many hacking books, you will learn about
multithreading programs 2nd 3rd 4th patching in 2nd 3rd
process snapshots in 2nd 3rd 4th 5th 6th
Why software exploit will continue to be a serious problem
purpose of 2nd
readingWhenandnetworkwriting memorysecurityin 2ndmechanisms do not work
red pointing in 2nd
singleAttacksteppingpatternsin 2nd
version differences for
whiteReversebox analysisengineeringfor 2nd
RevertToSelf function
Classic attacks against server software
RISC architectures, payloads on [See Payloads]
Risk and risk assessment
Surprising attacks against client software
actual
defined
Techniques for crafting malicious input
for vulnerabilities 2nd
in open-systems 2nd
The technical details of buffer overflows
ROM 2nd
Root access, need for
Rootkits
Rootkits 2nd
Exploitingadvanced topicsSoftware2nd 3rd is filled with the tools, concepts, and knowledge necessary to break
softwarecall hooking. for 2nd 3rd 4th 5th 6th 7th detecting
for hardware viruses [See Hardware viruses] for hiding files and directories 2nd 3rd
for interrupts 2nd 3rd 4th for low-level disk access 2nd hiding
key logging 2nd
network support for drivers 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
patching binary code 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th Trojan executable redirection 2nd 3rd 4th 5th 6th 7th
Routers
black box analysis for buffer overflow in 2nd
RPCs (remote procedure calls) run function
Running processes, attaching to 2nd
•Table of Contents
Runouts in code tracing
•Index
Runtime memory addresses, mapping
Exploiting Software How to Break Code
Runtime tracing 2nd
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
sample_callback function Satellites, exploitation of save instruction
SCADA software weaknesses
Scancodes
scanf function
•
Scheduling processes 2nd
• Index
Scientific method in reverse engineering
Exploiting Software How to Break Code
Script kiddies
ByGreg Hoglund,Gary McGraw
Scripting.FileSystemObject
Scriptlet.TypeLib
Publisher: Addison Wesley
Scripts
Pub Date: February 17, 2004 buffer overflows from
cross-ISBN:site [See0-201XSS-78695(cross-8-site scripting)]
embedding Pages: 512
in nonscript elements in scripts 2nd
misclassification with
with client software 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
scrrun.dll file 2nd 3rd 4th 5th
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
Search paths in configuration files
seccinit.c file
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
seccook.c file
techniques used by bad guys to break software. If you want to protect your software from
secfail.c file
attack, you must first learn how real attacks are really carried out.
Second serial port interrupt
Secondary IDE channel interrupt
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Secret variables
script kiddie treatment found in many hacking books, you will learn about
Secrets and Lies (Schneier)
Securing Java (McGraw and Felten) 2nd 3rd
SecurityWhy software exploit will continue to be a serious problem
boron tags for
When network security mechanisms do not work
for buffer overflows
in network-based software
Attack patterns
on Internet
software vs. application
Reverse engineering
through obscurity
Security Engineering (Anderson)
Classic attacks against server software
Security error handlers
Security flaws, reverse engineering for
Surprising attacks against client software
Security testing
Segmented GET requests
Techniques for crafting malicious input
Self-decrypting payloads 2nd 3rd
Self-organizingThe technicalsystems details of buffer overflows
SendKeyboardCommand function 2nd
Sendmail,Rootkitsoverflow in
Serial EEPROM 2nd
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
Serial port interrupts 2nd
software.
Server control of client software 2nd Server software 2nd
adding users authentication in 2nd blind trust in 2nd
configure trust in 2nd 3rd 4th 5th environment variables in 2nd 3rd 4th error code checking in
exploring file systems 2nd 3rd 4th 5th 6th
FTP
injection points in 2nd
input path tracing in 2nd 3rd 4th 5th 6th permissions inheritance in
phase space analysis in 2nd 3rd 4th privilege escalation problem in 2nd 3rd 4th process spawning in
remote xterms with
•Table of Contents scheduling processes on 2nd
•Index
session IDs in
Exploiting Software How to Break Code
shell command injection in [See Shell command injection]
ByGreg Hoglund,Gary McGraw
TFTP
trusted input problem in 2nd 3rd withPublisher:local socketsAddison2ndWesley
Server-side page reference redirects
Pub Date: February 17, 2004
Service outages from worms
ISBN: 0-201-78695-8
ServiceName value
Pages: 512
Session authentication
Session IDs
cookies for
in server software
SetBreakpoint function
How does software break? How do attackers make software break on purpose? Why are
SetEIP function
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
SetLEDS function
What tools can be used to break software? This book provides the answers.
SetSingleStep function
setsnap function 2nd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
SetSystemInformation function
techniques used by bad guys to break software. If you want to protect your software from
setuid utility
attack, you must first learn how real attacks are really carried out.
sfc.dll file
sfcfiles.dll file
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Shared buffers, leaking data in 2nd 3rd
script kiddie treatment found in many hacking books, you will learn about
Shell code in embedded systems
Shell command injection 2nd
delimiters in 2nd 3rd
Why software exploit will continue to be a serious problem
fluttering windows from
for binaryWhenfilenetworkbuilding 2ndsecurity3rd mechanisms do not work
for text file building
throughAttackargumentspatternsfrom other programs
Short-term future of software 2nd 3rd 4th 5th
SignatureReverse-based IDSsengineering2nd 3rd
Signed/unsigned mismatches 2nd 3rd 4th 5th
Classic attacks against server software
Simple script injection, XSS in 2nd
Single stepping
Surprising attacks against client software
in reverse engineering 2nd
in runtime tracing 2nd
Techniques for crafting malicious input
Single-step flag
Size
The technical details of buffer overflows
buffer 2nd
payload
Rootkits
Slashes (/) in alternate encoding 2nd 3rd 4th 5th
SlidingExploitingregistersSoftwarein SPARC is filled with the tools, concepts, and knowledge necessary to break
sltisoftwareinstruction. 2nd Smart objects SmartBits tool Smashing the stack
Snapshots, process 2nd 3rd 4th 5th 6th
Sniffers
for IDSs
for OS stack identification 2nd Social engineering in C5 attacks
Sockets, server software with 2nd
SoftIce debugger
Software
bad 2nd
defined
essential
future of 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
vulnerabilities
•Table of Contents
Software copy protection limitations
•Index
Software distribution, future of
Exploiting Software How to Break Code
Software Fault Injection (Voas and McGraw) 2nd
ByGreg Hoglund,Gary McGraw
Software licensing, ASP model of
Software security vs. application security
SoftwarePublisher:testing,Addifficultiesson W leyin
Solaris systems
Pub Date: February 17, 2004
buffer overflow in
ISBN: 0-201-78695-8
target models for 2nd Pages: 512
Sound card interrupt
Source code
decompilers for
in white box analysis 2nd
vs. executable
How does software break? How do attackers make software break on purpose? Why are
SOURCES file
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
SourceScope tool 2nd
What tools can be used to break software? This book provides the answers.
for buffer overflow attacks
for white box analysis
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Space characters in equivalent requests
techniques used by bad guys to break software. If you want to protect your software from
SPARC systems
attack, you must first learn how real attacks are really carried out.
function call nesting in
payload construction in 2nd 3rd 4th
This must-have book may shock you—and it will certainly educate you.Getting beyond the
register windows in
script kiddie treatment found in many hacking books, you will learn about
stacks on 2nd
Special characters in parsing
Special-purpose computational units
Why software exploit will continue to be a serious problem
Special-purpose OSs
Spike toolWhen network security mechanisms do not work
Spoofing
SpoonFTP,Attacktriplepatterns-dot vulnerability in 2nd
Spreadsheets, XSS in
sprintf Reverfunctionse engineering
Spying 2nd 3rd
Classic attacks against server software
SQL Server 7, gray box analysis for 2nd
SQL statements, buffer overflows from 2nd
Surprising attacks against client software
Stack traces for helpctr.exe
Stacked applications, conceptual view of
Techniques for crafting malicious input
StackGuard tool 2nd 3rd 4th 5th 6th 7th
Stacks and stack overflow 2nd
The technical details of buffer overflows
attack patterns 2nd
exception handler frames overwriting in
Rootkits
fixed-size buffers in 2nd
Exploitingin buffer overflowSoftware2nd is filled with the tools, concepts, and knowledge necessary to break
softwarein C++ 2nd. 3rd injection vectors for
NULL termination in 2nd 3rd 4th 5th 6th 7th on PA-RISC 2nd 3rd
on SPARC 2nd StackShield tool Statement sets, hostile States
in buffer overflow 2nd
in open-ended systems in software 2nd mapping 2nd
Static analysis tools for buffer overflow attacks [See also SourceScope]
Static strings in buffer overflow
Statistical windows in anomaly-based IDSs
Stealth activities
Steganography
•Table of Contents
stepi command
•Index
Storage files, hiding
Exploiting Software How to Break Code
Stored procedures
ByGreg Hoglund,Gary McGraw
buffer overflows from 2nd
in Oracle 9i strcatPublisher:function Addison Wesley
strcpy function
Pub Date: February 17, 2004
buffer overflow from 2nd 3rd 4th ISBN: 0-201-78695-8
in reverse engineering Pages: 512
Stress testing
String functions in buffer overflow attacks 2nd 3rd strlen function 2nd
strncat function 2nd 3rd strncpy function 2nd
How does software break? How do attackers make software break on purpose? Why are
Subopcodes
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
Subscription services
What tools can be used to break software? This book provides the answers.
Subversive programs
classification of
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
defined 2nd
techniques used by bad guys to break software. If you want to protect your software from
SWIFT network
attack, you must first learn how real attacks are really carried out.
Switches, black box analysis for
Symbolic Links, overflow in
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Synchronization of packets 2nd
script kiddie treatment found in many hacking books, you will learn about
syscall function
syslog function
System calls
Why software exploit will continue to be a serious problem
for reverse engineering
hookingWhen network security mechanisms do not work
user-supplied variables passed to
SystemAttackdirectoriespatternsas attack targets
System file protection, disabling
systemReversefunction engineering
buffer overflows from
Classic attacks against server software
in Prolog/Epilog 2nd
in shell command injection
Surprising attacks against client software
Perl calls to 2nd
System timer interrupt
Techniques for crafting malicious input
SystemLoadAndCallImage function
Systems
The technical details of buffer overflows
privileges for 2nd
software as
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
T-SQL (transact SQL) protocol 2nd
Tags
|
boron [See Boron tags] |
|
|
overflow in |
|
Taint mode in Perl 2nd |
||
|
|
|
takesnap function 2nd 3rd |
||
• |
Table of Contents |
|
Tankers, embedded systems in |
||
• |
Index |
|
Target components in attack patterns 2nd
Exploiting Software How to Break Code
Target software
ByGreg Hoglund,Gary McGraw
TARGETPATH environment variable
Taxonomy of attack patterns 2nd 3rd 4th
Publisher: Addison Wesley
Taylor UUCP daemon
Pub Date: February 17, 2004
TCP/IP
packetISBN:defragmentation0-201-78695in-8
ports as entry points Pages: 512
Technology adoption rates
TELNET environment variables
Temporary files
TERM environment variable
term function
How does software break? How do attackers make software break on purpose? Why are
Terminals
firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
escape codes for 2nd 3rd
Testing methodologies, fault injection for 2nd 3rd
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Text files, shell command injection for
techniques used by bad guys to break software. If you want to protect your software from
TFTP (Tiny FTP)
attack, you must first learn how real attacks are really carried out.
The PIT tool
Thousand lines of code (KLOC) in bug rates 2nd 3rd
This must-have book may shock you—and it will certainly educate you.Getting beyond the
Threads, enumerating 2nd
script kiddie treatment found in many hacking books, you will learn about
Three-dimensional phase space plot of points
Time to market pressures
timerDPCWhyfunctionsoftware exploit will continue to be a serious problem
Timing attacks, detecting
When network security mechanisms do not work
Timing issues in EEPROM
Attack patterns
in geographically distributed systems
Tiny FTP (TFTP)
Reverse engineering
Titan application firewall
traceroute tool
Classic attacks against server software
Tracing code [See Code tracing]
Trade secrets
Surprising attacks against client software
Tradecraft, digital 2nd 3rd
Trampoline attack 2nd 3rd 4th 5th
Techniques for crafting malicious input
Transact SQL (T-SQL) protocol 2nd
TransactionThe-basedtechnicalsystemsdetails of buffer overflows
Transport-level security
TRAP FLAGRootkits
Traversal, file system 2nd
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
Trigger filters
software.
Trillian chat client 2nd Triple-dot vulnerability 2nd Tripwire, redirection with 2nd Trojan executable redirection
drivers for 2nd 3rd 4th 5th 6th with Tripwire 2nd
Trunk lines, controlling 2nd
Truss tool 2nd
Trust issues
design-level
in buffer overflows in Java
in server software 2nd 3rd 4th 5th 6th 7th 8th input-based
with users
Trusted sites, reflection against
Turing machines
•Table of Contents
Two-stage buffer overflow attacks 2nd [See also Trampoline attack]
•Index
Type confusion attacks in Java
Exploiting Software How to Break Code
Type safe languages 2nd
ByGreg Hoglund,Gary McGraw
TypeLib, attacks on
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Undisclosed exploits
Unicode encoding in equivalent requests 2nd
Uniform Computer Information Transactions Act (UCITA)
Uniform resource identifier (URI) data, locating routines for 2nd
Uniform resource locators (URLs)
• |
equivalent requests 2nd 3rd |
Table of Contents |
|
• |
passing local filenames in place of 2nd |
Index |
trust assumptions in
Exploiting Software How to Break Code
Universal Turing machines
ByGreg Hoglund,Gary McGraw
UNIX environment variables
UNIX-to-UNIX copy program (UUCP)
Publisher: Addison Wesley
Unloadable drivers 2nd
Pub Date: February 17, 2004
Unsafe languages
Unsigned/signedISBN: 0-mismatches201-78695-82nd 3rd 4th 5th
Untrusted sources, reading from
Pages: 512
URI (uniform resource identifier) data, locating routines for 2nd
URLs (uniform resource locators)
in equivalent requests 2nd 3rd passing local filenames in place of 2nd
trust assumptions in
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
User-controlled filenames, XSS in
User-mode debuggers
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
User-supplied configuration files for elevated privilege
techniques used by bad guys to break software. If you want to protect your software from
User-supplied variables, passed to file system calls
attack, you must first learn how real attacks are really carried out.
Users, adding
UTF-8 encoding
This must-have book may shock you—and it will certainly educate you.Getting beyond the
UUCP (UNIX-to-UNIX copy program)
script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Valgrind debugger
Variables
in buffer overflow attacks 2nd 3rd 4th 5th in PHP 2nd 3rd
in server software 2nd 3rd 4th
•user-suppliedTable of Contents
Version differences for reverse engineering
• Index
Vessel Traffic Management Information System (VTMIS)
Exploiting Software How to Break Code
Virtual machines (VMs)
ByGreg Hoglund,Gary McGraw buffer overflows in 2nd 3rd
encapsulation of
Publisher: Addison Wesley extensibility of
Pub Date: February 17, 2004
VirtualQueryEx function
breakpointsISBN: 0for-2012nd-786953rd -8
for memory querying 2nd Pages: 512
Virus checkers as reactive technology
Viruses
development of
hardware [See Hardware viruses]
in client scripts 2nd
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
Vitek, Ian 2nd
von Bertalanffy, Ludwig
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Voyager spacecraft
techniques used by bad guys to break software. If you want to protect your software from
vsprintf function
attack, you must first learn how real attacks are really carried out.
VT terminal escape codes
Vtables
This must-have book may shock you—and it will certainly educate you.Getting beyond the
VTMIS (Vessel Traffic Management Information System)
script kiddie treatment found in many hacking books, you will learn about
Vulnerabilities
backtracing from 2nd 3rd
collectionsWhy softwareof exploit will continue to be a serious problem
defined 2nd
When network security mechanisms do not work
design-level 2nd
increases in
Attack patterns
risk assessment for 2nd
VxWorks OS
Reverse engineering
flash ROM in
in embedded systems
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
WaitForKeyboard function 2nd wcsncat function
in helpctr.exe 2nd 3rd 4th in WINNT 2nd
WDASM disassembler
Weak local calls, finding 2nd 3rd 4th 5th |
|
• |
Table of Contents |
Web browsers and ActiveX 2nd |
|
• |
Index |
Web code and XML
Exploiting Software How to Break Code
Web logs
ByGreg Hoglund,Gary McGraw
Web servers
command-line parameters with
Publisher: Addison Wesley ghost characters with
Pub Date: February 17, 2004 misclassification of
Web spoofingISBN: 0-201-78695-8
Webalizer program
Pages: 512
WEP (wired equivalent privacy) encryption algorithm
White box analysis 2nd
vs. black box analysis White lists
for input
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?
What tools can be used to break software? This book provides the answers.
Whitehat Security Arsenal (Rubin)
Whittaker, James
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and
Winamp program
techniques used by bad guys to break software. If you want to protect your software from
Windows operating systems
attack, you must first learn how real attacks are really carried out.
disabling system file protection for
heap headers in
This must-have book may shock you—and it will certainly educate you.Getting beyond the
kernel patching in 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
script kiddie treatment found in many hacking books, you will learn about
key loggers in 2nd
lines of code in
messageWhypumpssoftwainre exploit will continue to be a serious problem
wcsncat function in 2nd
When network security mechanisms do not work
Wired equivalent privacy (WEP) encryption algorithm
Wireless systems
Attack patterns
future of 2nd
hiding attacker identity in 2nd
Reverse engineering
Worms
operation of 2nd
Classic attacks against server software
service outages from
write_eeprom function
Surprising attacks against client software
WriteProcessMemory function
WritingTechniques for crafting malicious input
enabling, EEPROM for
hardwareThe technicalmemory 2nddetails3rd 4th of5thbuffer6th 7th 8thoverflows
kernel rootkits
masterRootkitsboot record
memory in reverse engineering 2nd
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
to physical memory
software.
to privileged resources
Writing Secure Code (Howard and LeBlanc) 2nd 3rd
WSARecv function
backtracing to
in partition analysis in reverse engineering
WSASend function
Wscript.network, attacks on
WScript.Shell, attacks on
wsprintf function
•Table of Contents
•Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
x command 2nd
X Windows, backdoors on x86 debuggers 2nd 3rd x86 feature set
XML markup language
XOR protection |
Table of Contents |
• |
|
XSS (cross-site scripting) |
|
• |
Index |
in HTTP headers
Exploiting Software How to Break Code
in HTTP query strings 2nd ByGreg Hoglund,Gary McGraw
in Javascript alert dialog attacks
in reflection against trusted sites
Publisher: Addison Wesley in simple script injection 2nd
Pub Date: February 17, 2004 in user-controlled filenames
xterms withISBN:server0-201software-78695-8
Xtlib, buffer overflow in
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.
[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]
Zone transfers
ZwCreateProcess function
ZwCreateSection function 2nd
ZwOpenFile function 2nd 3rd
•Table of Contents
•Index
Exploiting Software How to Break Code
ByGreg Hoglund,Gary McGraw
Publisher: Addison Wesley
Pub Date: February 17, 2004
ISBN: 0-201-78695-8
Pages: 512
How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.
Exploiting Softwareis loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.
This must-have book may shock you—and it will certainly educate you.Getting beyond the script kiddie treatment found in many hacking books, you will learn about
Why software exploit will continue to be a serious problem
When network security mechanisms do not work
Attack patterns
Reverse engineering
Classic attacks against server software
Surprising attacks against client software
Techniques for crafting malicious input
The technical details of buffer overflows
Rootkits
Exploiting Softwareis filled with the tools, concepts, and knowledge necessary to break
software.