Perlai / Oldan | A Guide to Kernel Exploitation | E-Book | sack.de
E-Book

E-Book, Englisch, 465 Seiten

Perlai / Oldan A Guide to Kernel Exploitation


Attacking the Core

E-Book, Englisch, 465 Seiten

ISBN: 978-1-59749-487-8
Verlag: Elsevier Reference Monographs
Format: PDF
 Kopierschutz: Adobe DRM (»Systemvoraussetzungen)

The number of security countermeasures against user-land exploitation is on the rise. Because of this, kernel exploitation is becoming much more popular among exploit writers and attackers. Playing with the heart of the operating system can be a dangerous game: This book covers the theoretical techniques and approaches needed to develop reliable and effective kernel-level exploits and applies them to different operating systems (Linux, Solaris, Mac OS X, and Windows). Kernel exploits require both art and science to achieve. Every OS has its quirks and so every exploit must be molded to fully exploit its target. This book discusses the most popular OS families-UNIX derivatives, Mac OS X, and Windows-and how to gain complete control over them. Concepts and tactics are presented categorically so that even when a specifically detailed exploit has been patched, the foundational information that you have read will help you to write a newer, better attack or a more concrete design and defensive structure.

Covers a range of operating system families - UNIX derivatives, Mac OS X, Windows Details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc.) issues, logical bugs and race conditions Delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that lead to the creation of successful techniques, in order to give to the reader something more than just a set of tricks  ,
Perlai / Oldan A Guide to Kernel Exploitation jetzt bestellen!

Autoren/Hrsg.

Perlai, Enrico
Oldan, Massimiliano

Weitere Infos & Material

1;Front Cover;1
2;A Guide to Kernel Exploitation;4
3;Copyright;5
4;Table of Contents;6
5;Foreword;12
6;Preface;14
6.1;Book Overview;14
6.2;How This Book Is Organized;14
6.3;Conclusion;16
7;Acknowledgments;18
8;About the Authors;20
9;About the Technical Editor;22
10;Part I. Journey to Kernel Land;24
10.1;Chapter 1. From User-Land to Kernel-Land Attacks;26
10.1.1;Introduction;26
10.1.2;Introducing the Kernel and the World of Kernel Exploitation;26
10.1.3;Why Doesn’t My User-Land Exploit Work Anymore?;32
10.1.4;An Exploit Writer’s View of the Kernel;36
10.1.5;Open Source versus Closed Source Operating Systems;41
10.1.6;Summary;41
10.1.7;Related Reading;42
10.1.8;Endnote;42
10.2;Chapter 2. A Taxonomy of Kernel Vulnerabilities;44
10.2.1;Introduction;44
10.2.2;Uninitialized/Nonvalidated/Corrupted Pointer Dereference;45
10.2.3;Memory Corruption Vulnerabilities;49
10.2.4;Integer Issues;52
10.2.5;Race Conditions;56
10.2.6;Logic Bugs (a.k.a. the Bug Grab Bag);62
10.2.7;Summary;67
10.2.8;Endnotes;67
10.3;Chapter 3. Stairway to Successful Kernel Exploitation;70
10.3.1;Introduction;70
10.3.2;A Look at the Architecture Level;71
10.3.3;The Execution Step;81
10.3.4;The Triggering Step;94
10.3.5;The Information-Gathering Step;113
10.3.6;Summary;121
10.3.7;Related Reading;122
11;Part II. The UNIX Family, Mac OS X, and Windows;124
11.1;Chapter 4. The UNIX Family;126
11.1.1;Introduction;126
11.1.2;The Members of the UNIX Family;127
11.1.3;The Execution Step;149
11.1.4;Practical UNIX Exploitation;161
11.1.5;Summary;216
11.1.6;Endnotes;217
11.2;Chapter 5. Mac OS X;218
11.2.1;Introduction;218
11.2.2;An Overview of XNU;219
11.2.3;Kernel Debugging;223
11.2.4;Kernel Extensions (Kext);231
11.2.5;The Execution Step;250
11.2.6;Exploitation Notes;251
11.2.7;Summary;289
11.2.8;Endnotes;290
11.3;Chapter 6. Windows;292
11.3.1;Introduction;292
11.3.2;Windows Kernel Overview;294
11.3.3;The Execution Step;308
11.3.4;Practical Windows Exploitation;331
11.3.5;Summary;362
11.3.6;Endnotes;363
12;Part III. Remote Kernel Exploitation;364
12.1;Chapter 7. Facing the Challenges of Remote Kernel Exploitation;366
12.1.1;Introduction;366
12.1.2;Attacking Remote Vulnerabilities;367
12.1.3;Executing the First Instruction;371
12.1.4;Remote Payloads;385
12.1.5;Summary;406
12.1.6;Endnote;407
12.2;Chapter 8. Putting It All Together: A Linux Case Study;408
12.2.1;Introduction;408
12.2.2;SCTP FWD Chunk Heap Memory Corruption;409
12.2.3;Remote Exploitation: An Overall Analysis;416
12.2.4;Getting the Arbitrary Memory Overwrite Primitive;417
12.2.5;Installing the Shellcode;426
12.2.6;Executing the Shellcode;433
12.2.7;Summary;437
12.2.8;Related Reading;438
12.2.9;Endnote;438
13;Part IV. Final Words;440
13.1;Chapter 9. Kernel Evolution: Future Forms of Attack and Defense;442
13.1.1;Introduction;442
13.1.2;Kernel Attacks;443
13.1.3;Kernel Defense;448
13.1.4;Beyond Kernel Bugs: Virtualization;455
13.1.5;Summary;457
14;Index;460

Ihre Fragen, Wünsche oder Anmerkungen
Vorname*
Nachname*
Ihre E-Mail-Adresse*
Kundennr.
Ihre Nachricht*
Lediglich mit * gekennzeichnete Felder sind Pflichtfelder.
Wenn Sie die im Kontaktformular eingegebenen Daten durch Klick auf den nachfolgenden Button übersenden, erklären Sie sich damit einverstanden, dass wir Ihr Angaben für die Beantwortung Ihrer Anfrage verwenden. Selbstverständlich werden Ihre Daten vertraulich behandelt und nicht an Dritte weitergegeben. Sie können der Verwendung Ihrer Daten jederzeit widersprechen. Das Datenhandling bei Sack Fachmedien erklären wir Ihnen in unserer Datenschutzerklärung.