Introduction
前言
________________________________________
We are living in a harsh and cruel world. Popular software that runs on millions of machines all over the world contains security holes, most of which are critical. Hackers, viruses and worms actively exploit these holes, attacking from all corners of the Net. The vast majority of remote attacks are carried out by exploiting buffer overflow, the particular case of which is stack overflow. Those who have mastered the techniques of exploiting buffer overflow errors rule the world. If you need a guide to navigate the world of buffers subject to overflow supplied with the detailed survival guide, then this book is for you. Just open the door and enter the wonderful world hidden behind the facade of programming in high-level programming languages. This is where the gears that set everything else in motion are working.
Why are overflow errors so fundamental? What can you do using them? How do you find a vulnerable buffer? What limitations do such buffers imply on the shellcode? How do you overcome these limitations? What tools should you use to compile shellcode? How do you send this code to remote host yet remain unnoticed? How do you bypass a firewall? How do you detect and analyze shell-code written by someone else? And how do you protect your programs against overflow errors?
That the antiviral industry is a kind of a club for a limited community is not a secret to anyone. This community is closed and is not too willing to accept new members. It owns information intended for insiders only. This is partially because of security considerations, but this is also due to the pernicious effects of competition. This book partially discloses the secrets.
