A Guide to Kernel Exploitation: Attacking the Core (Paperback)

Enrico Perla B.Sc. Computer Science University of Torino M.Sc. Computer Science Trinity College Dublin, Massimiliano Oldani

  • 出版商: Syngress Media
  • 出版日期: 2010-09-15
  • 售價: $1,750
  • 貴賓價: 9.5$1,663
  • 語言: 英文
  • 頁數: 442
  • 裝訂: Paperback
  • ISBN: 1597494860
  • ISBN-13: 9781597494861
  • 相關分類: 資訊安全
  • 立即出貨 (庫存=1)



The number of security countermeasures against user-land exploitation is on the rise. Because of this, kernel exploitation is becoming much more popular among exploit writers and attackers. Playing with the heart of the operating system can be a dangerous game: This book covers the theoretical techniques and approaches needed to develop reliable and effective kernel-level exploits and applies them to different operating systems (Linux, Solaris, Mac OS X, and Windows). Kernel exploits require both art and science to achieve. Every OS has its quirks and so every exploit must be molded to fully exploit its target. This book discusses the most popular OS families-UNIX derivatives, Mac OS X, and Windows-and how to gain complete control over them. Concepts and tactics are presented categorically so that even when a specifically detailed exploit has been patched, the foundational information that you have read will help you to write a newer, better attack or a more concrete design and defensive structure.

  • Covers a range of operating system families - UNIX derivatives, Mac OS X, Windows
  • Details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc.) issues, logical bugs and race conditions
  • Delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that lead to the creation of successful techniques, in order to give to the reader something more than just a set of tricks



安全對策的數量對抗用戶空間的攻擊正不斷增加。因此,核心攻擊在攻擊者和利用程式撰寫者中變得更加流行。玩弄操作系統的核心可能是一場危險的遊戲:本書涵蓋了開發可靠且有效的核心級攻擊所需的理論技術和方法,並將其應用於不同的操作系統(Linux、Solaris、Mac OS X和Windows)。核心攻擊需要藝術和科學的結合才能實現。每個操作系統都有其特點,因此每個攻擊都必須根據目標進行調整以充分利用其漏洞。本書討論了最受歡迎的操作系統家族-UNIX衍生版本、Mac OS X和Windows,以及如何完全控制它們。概念和策略以分類方式呈現,即使特定詳細的攻擊已被修補,您所閱讀的基礎信息也將幫助您撰寫更新、更好的攻擊或更具體的設計和防禦結構。

- 涵蓋一系列操作系統家族-UNIX衍生版本、Mac OS X和Windows
- 詳細介紹常見情景,如通用內存破壞(堆棧溢出、堆溢出等)問題、邏輯錯誤和競態條件
- 將讀者從用戶空間的攻擊引導到核心空間(操作系統)的攻擊,特別關注導致成功技術創建的步驟,以便為讀者提供更多不僅僅是一套技巧的東西。