Table of Contents

Foreword
Preface
Acknowledgments
  1. Software - the Root of the Problem
    • A Brief History of Software
    • The Trinity of Trouble
    • The Future of Software
    • Conclusion
  2. Attack Patterns
    • A Taxonomy
    • An Open-Systems View
    • Tour of an Exploit
    • Attack Patterns: Blueprints for Disaster
    • An Example Exploit: Microsoft's Broken C++ Compiler
    • Applying Attack Patterns
    • Attack Pattern Boxes
    • Conclusion
  3. Reverse Engineering and Program Understanding
    • Into the House of Logic
    • Should Reverse Engineering Be Illegal?
    • Reverse Engineering Tools and Concepts
    • Approaches to Reverse Engineering
    • Methods of the Reverser
    • Writing IDA Plug-Ins
    • Decompiling and Disassembling Software
    • Decompilation in Practice: Reversing helpctr.exe
    • Automatic, Bulk Auditing for Vulnerabilities
    • Writing Your Own Cracking Tools
    • Building a Basic Code Coverage Tool
    • Conclusion
  4. Exploiting Server Software
    • The Trusted Input Problem
    • The Privilege Escalation Problem
    • Finding Injection Points
    • Input Path Tracing
    • Exploiting Trust Through Configuration
    • Specific Techniques and Attacks for Server Software
    • Conclusion
  5. Exploiting Client Software
    • Client-Side Programs as Attack Targets
    • In-Band Signals
    • Cross-Site Scripting
    • Client Scripts and Malicious Code
    • Content-Based Attacks
    • "Back-Wash" Attacks: Leveraging Client-Side Buffering Overflows
    • Conclusion
  6. Crafting (Malicious) Input
    • The Defender's Dilemma
    • Intrusion Detection (Not)
    • Partition Analysis
    • Tracing Code
    • Example: Reversing iPlanet Server 6.0 Through the Front Door
    • Misclassification
    • Building "Equivalent" Requests
    • Conclusion
  7. Buffer Overflow
    • Buffer Overflow 101
    • Injection Vectors: Input Rides Again
    • Buffer Overflows and Embedded Systems
    • Database Buffer Overflows
    • Buffer Overflows and Java?!
    • Content-Based Buffer Overflow
    • Audit Truncation and Filters with Buffer Overflow
    • Causing Overflow and Environment Variables
    • The Multiple Operation Problem
    • Finding Potential Buffer Overflows
    • Stack Overflow
    • Arithmetic Errors in Memory Management
    • Format String Vulnerabilities
    • Heap Overflows
    • Buffer Overflows and C++
    • Payloads
    • Payloads on RISC Architectures
    • Prolog/Epilog Code to Protect Functions
    • Conclusion
  8. Rootkits
    • Subversive Programs
    • A Simple Windows XP Kernel Rootkit
    • Call Hooking
    • Trojan Executable Redirection
    • Hiding Files and Directories
    • Patching Binary Code
    • The Hardware Virus
    • Low-Level Disk Access
    • Adding Network Support to a Driver
    • Interrupts
    • Key Logging
    • Advanced Rootkit Topics
    • Conclusion
Appendix: ASCII Conversion Chart
References
Index