Key Features * Covers a range of operating system families -- Windows, Mac OS X, UNIX-derivates * Details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc) issues, logical bugs and race conditions. * Delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that bring to the creation of successful techniques, in order to give to the reader something more than a set of tricks, a full methodology Description With the increasing number of security countermeasures against user land exploitation, kernel level exploitation is getting more and more popular among attackers and, generically, exploit writers. Playing with the heart of the operating system can be a dangerous game: this book covers the theoretical techniques and approaches needed to develop reliable and effective kernel level exploits and applies them to different operating systems (Unix-derivate, Mac OS X, Windows). Kernel exploits take both art and science. Every OS has its quirks and so every exploit must be molded to fully exploit its target. This book discusses the four most popular OS familiess-- UNIX-derivates, MAC OS X and Windows --and how to gain complete control over them. Concepts and tactics ar presented categorically so that even when a specifically detailed exploit has been pathced, the foundational information that you have read will help to write a newer, better attack, if you are a hacker; a more concrete design and defensive structure, if you are a pen tester, auditor, or the like. * Covers a range of operating system families -- Windows, Mac OS X, UNIX-derivates * Details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc) issues, logical bugs and race conditions. * Delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that bring to the creation of successful techniques, in order to give to the reader something more than a set of tricks: a full methodology. Content: Introduction Part I: A Journey to Kernel Land Chapter 1: From User Land to Kernel Land Attacks Chapter 2: A Taxonomy of Kernel Vulnerabilities Chapter 3: Stairway to Successful Kernel Exploitation Part II: The Unix Family, Mac OS X, and Windows Chapter 4: The Unix Family Chapter 5: Mac OS X Chapter 6: Windows Part III: Remote Kernel Exploitation Chapter 7: Facing the Challenges of Remote Exploitation Chapter 8: Putting it all Together: A Linux Case Study Part IV: Final Words Chapter 9: Kernel Evolution: Future Attacks and Defense

]]> /hvaonline/posts/list/35229.html#216533 /hvaonline/posts/list/35229.html#216533 GMT