Thursday , 24 April , 2025



icon
Image from Google Jackets
Image from OpenLibrary

Hacking : the art of exploitation / by Jon Erickson.

By: [San Francisco] : No Starch Press, 2003Description: xi, 241 pages : illustrations ; 23 cmISBN:
  • 1593270070
Subject(s): DDC classification:
  • 005.8 23 E68
Contents:
Programming Program Exploitation Generalized Exploit Techniques Multi-User File Permissions Memory Memory Declaration Null Byte Termination Program Memory Segmentation Buffer Overflows Stack-Based Overflows Exploiting Without Exploit Code Using the Environment Heap- and bss-Based Overflows A Basic Heap-Based Overflow Overflowing Function Pointers Format Strings Format Strings and printf() The Format-String Vulnerability Reading from Arbitrary Memory Addresses Writing to Arbitrary Memory Addresses Direct Parameter Access Detours with dtors Overwriting the Global Offset Table Writing Shellcode Common Assembly Instructions Linux System Calls Hello, World! Shell-Spawning Code Avoiding Using Other Segments Removing Null Bytes Even Smaller Shellcode Using the Stack Printable ASCII Instructions Polymorphic Shellcode ASCII Printable Polymorphic Shellcode Dissembler Returning into libc Returning into system() Chaining Return into libc Calls Using a Wrapper Writing Nulls with Return into libc Writing Multiple Words with a Single Call Networking OSI Model Interesting Layers in Detail Network Layer Transport Layer Data-Link Layer Network Sniffing Active Sniffing TCP/IP Hijacking RST Hijacking Denial of Service The Ping of Death Teardrop Ping Flooding Amplification Attacks Distributed DoS Flooding SYN Flooding Port Scanning Stealth SYN Scan FIN, X-mas, and Null Scans Spoofing Decoys Idle Scanning Proactive Defense (Shroud) Cryptology Information Theory Unconditional Security One-Time Pads Quantum Key Distribution Computational Security Algorithmic Runtime Asymptotic Notation Symmetric Encryption Lov Grover's Quantum Search Algorithm Asymmetric Encryption RSA Peter Shor's Quantum Factoring Algorithm Hybrid Ciphers Man-in-the-Middle Attacks Differing SSH Protocol Host Fingerprints Fuzzy Fingerprints Password Cracking Dictionary Attacks Exhaustive Brute-Force Attacks Hash Lookup Table Password Probability Matrix Wireless 802.11 b Encryption Wired Equivalent Privacy (WEP) RC4 Stream Cipher WEP Attacks Offline Brute-Force Attacks Keystream Reuse IV-Based Decryption Dictionary Tables IP Redirection Fluhrer, Mantin, and Shamir (FMS) Attack
Summary: Describes the techniques of computer hacking, covering such topics as stack-based overflows, format string exploits, and shellcode.
Item type: كتاب
Tags from this library: No tags from this library for this title.
Star ratings
    Average rating: 0.0 (0 votes)

Includes bibliographical references and index.

Programming
Program Exploitation
Generalized Exploit Techniques
Multi-User File Permissions
Memory
Memory Declaration
Null Byte Termination
Program Memory Segmentation
Buffer Overflows
Stack-Based Overflows
Exploiting Without Exploit Code
Using the Environment
Heap- and bss-Based Overflows
A Basic Heap-Based Overflow
Overflowing Function Pointers
Format Strings
Format Strings and printf()
The Format-String Vulnerability
Reading from Arbitrary Memory Addresses
Writing to Arbitrary Memory Addresses
Direct Parameter Access
Detours with dtors
Overwriting the Global Offset Table
Writing Shellcode
Common Assembly Instructions
Linux System Calls
Hello, World!
Shell-Spawning Code
Avoiding Using Other Segments
Removing Null Bytes
Even Smaller Shellcode Using the Stack
Printable ASCII Instructions
Polymorphic Shellcode
ASCII Printable Polymorphic Shellcode
Dissembler
Returning into libc
Returning into system()
Chaining Return into libc Calls
Using a Wrapper
Writing Nulls with Return into libc
Writing Multiple Words with a Single Call
Networking
OSI Model
Interesting Layers in Detail
Network Layer
Transport Layer
Data-Link Layer
Network Sniffing
Active Sniffing
TCP/IP Hijacking
RST Hijacking
Denial of Service
The Ping of Death
Teardrop
Ping Flooding
Amplification Attacks
Distributed DoS Flooding
SYN Flooding
Port Scanning
Stealth SYN Scan
FIN, X-mas, and Null Scans
Spoofing Decoys
Idle Scanning
Proactive Defense (Shroud)
Cryptology
Information Theory
Unconditional Security
One-Time Pads
Quantum Key Distribution
Computational Security
Algorithmic Runtime
Asymptotic Notation
Symmetric Encryption
Lov Grover's Quantum Search Algorithm
Asymmetric Encryption
RSA
Peter Shor's Quantum Factoring Algorithm
Hybrid Ciphers
Man-in-the-Middle Attacks
Differing SSH Protocol Host Fingerprints
Fuzzy Fingerprints
Password Cracking
Dictionary Attacks
Exhaustive Brute-Force Attacks
Hash Lookup Table
Password Probability Matrix
Wireless 802.11 b Encryption
Wired Equivalent Privacy (WEP)
RC4 Stream Cipher
WEP Attacks
Offline Brute-Force Attacks
Keystream Reuse
IV-Based Decryption Dictionary Tables
IP Redirection
Fluhrer, Mantin, and Shamir (FMS) Attack

Describes the techniques of computer hacking, covering such topics as stack-based overflows, format string exploits, and shellcode.