The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2/e (Paperback)

Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte

  • 出版商: Wiley
  • 出版日期: 2007-08-01
  • 定價: $1,650
  • 售價: 9.5$1,568
  • 貴賓價: 9.0$1,485
  • 語言: 英文
  • 頁數: 744
  • 裝訂: Paperback
  • ISBN: 047008023X
  • ISBN-13: 9780470080238
  • 相關分類: 資訊安全
  • 立即出貨 (庫存=1)




  • This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application
  • New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista
  • Also features the first-ever published information on exploiting Cisco's IOS, with content that has never before been explored
  • The companion Web site features downloadable code files

Table of Contents

About the Authors.


Introduction to the Second Edition.

Part I: Introduction to Exploitation: Linux on x86.

Chapter 1: Before You Begin.

Chapter 2: Stack Overflows.

Chapter 3: Shellcode.

Chapter 4: Introduction to Format String Bugs.

Chapter 5: Introduction to Heap Overflows.

Part II: Other Platforms—Windows, Solaris, OS/X, and Cisco.

Chapter 6: The Wild World of Windows.

Chapter 7: Windows Shellcode.

Chapter 8: Windows Overflows.

Chapter 9: Overcoming Filters.

Chapter 10: Introduction to Solaris Exploitation.

Chapter 11: Advanced Solaris Exploitation.

Chapter 12: OS X Shellcode.

Chapter 13: Cisco IOS Exploitation.

Chapter 14: Protection Mechanisms.

Part III: Vulnerability Discovery.

Chapter 15: Establishing a Working Environment.

Chapter 16: Fault Injection.

Chapter 17: The Art of Fuzzing.

Chapter 18: Source Code Auditing: Finding Vulnerabilities in C-Based Languages.

Chapter 19: Instrumented Investigation: A Manual Approach.

Chapter 20: Tracing for Vulnerabilities.

Chapter 21: Binary Auditing: Hacking Closed Source Software.

Part IV: Advanced Materials.

Chapter 22: Alternative Payload Strategies.

Chapter 23: Writing Exploits that Work in the Wild.

Chapter 24: Attacking Database Software.

Chapter 25: Unix Kernel Overflows.

Chapter 26: Exploiting Unix Kernel Vulnerabilities.

Chapter 27: Hacking the Windows Kernel.