Open Source and information security mailing list archives
Message-ID: <ONELLHJCMOADHBCNPGFCGECGCHAA.jack.koziol@infosecinstitute.com>
From: jack.koziol at infosecinstitute.com (Jack Koziol)
Subject: "Book of unreleased exploits" Clarification

Over the weekend there were a bunch of posts to FD talking about a "Book of
unreleased exploits". As the lead author for the book in question, The
Shellcoder's Handbook, I want to get a post out to FD to clarify what
Shellcoder's is all about, and dispel some of the misinformation floating
around about it.

Essentially, yes, there are some 0day or unreleased exploits contained in
the book, but it is by no means a "compendium" of them, and there is nowhere
near 150 of them. The goal of the book is to teach vulnerability
development/discovery and software exploitation for programs written in the C
family of languages. In the book, the 0day is somewhat of an afterthought;
it was included primarily to prove that the techniques and examples in the
book can be used to find security bugs for software actually used in the
real world. It makes the content of the book more interesting; rather than
exploiting simple 5-line programs for 700 pages, we slowly graduate the
reader to vuln dev on a variety of real-world applications and on many
different platforms (Linux/Win32 on IA32, Solaris on SPARC, Tru64, etc.).
Like Dave said when we were roughing out the table of contents over a year
ago, "lots of people have read Smashing the Stack for Fun and Profit, but
very few can actually do something with it".

The book has four parts, first showing the reader how to write exploits for
simple contrived programs, then graduating to real software exploitation,
flowing to how to discover these bugs via binary/source auditing,
instrumented investigation, and fuzzing. Finally we cover some advanced
content, such as finding and exploiting bugs in the Solaris and OpenBSD
kernels, and exploit development for database software packages.

Jack Koziol

PS: A group of incredibly brilliant people worked very hard on making this
book possible, and to call it "lame" without ever having read it is, well,
to use your own language, really lame. If you read/skim it at Borders and
think it sucks, that's cool, but at least take the time to read something
before you criticize it in public.
