A Bug Hunter's Diary
Seemingly simple bugs can have drastic consequences, allowing attackers to compromise systems, escalate local privileges, and otherwise wreak havoc on a system. A Bug Hunter's Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world's most popular software, like Apple's iOS, the VLC media player, web browsers, and even the Mac OS X kernel. In this one-of-a-kind account, you'll see how the developers responsible for these flaws patched the bugs or failed to respond at all. As you follow Klein on his journey, you'll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting. Along the way you'll learn how to: Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineering Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws Develop proof of concept code that v
- Paperback | 200 pages
- 152 x 228 x 17.53mm | 326.59g
- 16 Jul 2019
- No Starch Press,US
- San Francisco, United States
- w. ill.
Table of contents
Acknowledgments; Introduction; The Goals of This Book; Who Should Read the Book; Disclaimer; Resources; Chapter 1: Bug Hunting; 1.1 1.1 For Fun and Profit; 1.2 1.2 Common Techniques; 1.3 1.3 Memory Errors; 1.4 1.4 Tools of the Trade; 1.5 1.5 EIP = 41414141; 1.6 1.6 Final Note; Chapter 2: Back to the '90s; 2.1 2.1 Vulnerability Discovery; 2.2 2.2 Exploitation; 2.3 2.3 Vulnerability Remediation; 2.4 2.4 Lessons Learned; 2.5 2.5 Addendum; Chapter 3: Escape from the WWW Zone; 3.1 3.1 Vulnerability Discovery; 3.2 3.2 Exploitation; 3.3 3.3 Vulnerability Remediation; 3.4 3.4 Lessons Learned; 3.5 3.5 Addendum; Chapter 4: NULL Pointer FTW; 4.1 4.1 Vulnerability Discovery; 4.2 4.2 Exploitation; 4.3 4.3 Vulnerability Remediation; 4.4 4.4 Lessons Learned; 4.5 4.5 Addendum; Chapter 5: Browse and You're Owned; 5.1 5.1 Vulnerability Discovery; 5.2 5.2 Exploitation; 5.3 5.3 Vulnerability Remediation; 5.4 5.4 Lessons Learned; 5.5 5.5 Addendum; Chapter 6: One Kernel to Rule Them All; 6.1 6.1 Vulnerability Discovery; 6.2 6.2 Exploitation; 6.3 6.3 Vulnerability Remediation; 6.4 6.4 Lessons Learned; 6.5 6.5 Addendum; Chapter 7: A Bug Older Than 4.4BSD; 7.1 7.1 Vulnerability Discovery; 7.2 7.2 Exploitation; 7.3 7.3 Vulnerability Remediation; 7.4 7.4 Lessons Learned; 7.5 7.5 Addendum; Chapter 8: The Ringtone Massacre; 8.1 8.1 Vulnerability Discovery; 8.2 8.2 Crash Analysis and Exploitation; 8.3 8.3 Vulnerability Remediation; 8.4 8.4 Lessons Learned; 8.5 8.5 Addendum; Hints for Hunting; A.1 Stack Buffer Overflows; A.2 NULL Pointer Dereferences; A.3 Type Conversions in C; A.4 GOT Overwrites; Debugging; B.1 The Solaris Modular Debugger (mdb); B.2 The Windows Debugger (WinDbg); B.3 Windows Kernel Debugging; B.4 The GNU Debugger (gdb); B.5 Using Linux as a Mac OS X Kernel-Debugging Host; Mitigation; C.1 Exploit Mitigation Techniques; C.2 RELRO; C.3 Solaris Zones; Updates; Colophon;
About Tobias Klein
Tobias Klein is a security researcher and founder of NESO Security Labs, an information security consulting and research company based in Heilbronn, Germany. He is the author of two information security books published in German by dpunkt.verlag of Heidelberg, Germany.