What This Book Is About. How to Use This Book. But Isn't This Too Dangerous? Acknowledgments.
1. Software-The Root of the Problem.
A Brief History of Software. Bad Software Is Ubiquitous. The Trinity of Trouble. The Future of Software. What Is Software Security? Conclusion.
2. Attack Patterns.
A Taxonomy. An Open-Systems View. Tour of an Exploit. Attack Patterns: Blueprints for Disaster. An Example Exploit: Microsoft's Broken C++ Compiler. Applying Attack Patterns. Attack Pattern Boxes. Conclusion.
3. Reverse Engineering and Program Understanding.
Into the House of Logic. Should Reverse Engineering Be Illegal? Reverse Engineering Tools and Concepts. Methods of the Reverser. Writing Interactive Disassembler (IDA) Plugins. Decompiling and Disassembling Software. Decompilation in Practice: Reversing helpctr.exe. Automatic, Bulk Auditing for Vulnerabilities. Writing Your Own Cracking Tools. Building a Basic Code Coverage Tool. Conclusion.
4. Exploiting Server Software.
The Trusted Input Problem. The Privilege Escalation Problem. Finding Injection Points. Input Path Tracing. Exploiting Trust through Configuration. Specific Techniques and Attacks for Server Software. Conclusion.
5. Exploiting Client Software.
Client-side Programs as Attack Targets. In-band Signals. Cross-site Scripting (XSS). Clients Scripts and Malicious Code. Content-Based Attacks. Backwash Attacks: Leveraging Client-side Buffer. Conclusion.
6. Crafting (Malicious) Input.
The Defender's Dilemma.
**Foreword by Avi Rubin. How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers. This book is studded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out. Learn about: Why software exploit will continue to be a serious problem; When network security mechanisms do not work; Attack patterns; Reverse engineering; Classic attacks against server software; Surprising attacks against client software; Techniques for crafting malicious input; The technical details of buffer overflows; and Rootkits. This information needs to be understood and digested by security professionals so that they know the magnitude of the problem and they can begin to address it properly. Today, all developers should be security-minded. The knowledge here will arm you with a real understanding of the software security problem.
Greg Hoglund has been a pioneer in the area of software security.
He is CEO of HBGary, Inc., a leading provider of software security
verification services. After writing one of the first network
vulnerability scanners (installed in over half of all Fortune 500
companies), he created and documented the first Windows NT-based
rootkit, founding rootkit.com in the process. Greg is a frequent
speaker at Black Hat, RSA, and other security conferences. Gary
McGraw, Cigital's CTO, is a leading authority on software security.
Dr. McGraw is coauthor of the groundbreaking books Building
Secure Software and Exploiting Software (both from
Addison-Wesley). While consulting for major software producers and
consumers, he has published over ninety peer-reviewed technical
publications, and functions as principal investigator on grants
from DARPA, the National Science Foundation, and NIST's Advanced
Technology Program. He serves on the advisory boards of Authentica,
Counterpane, and Fortify Software. He is also an advisor to the
computer science departments at University of California, Davis,
and the University of Virginia, as well as the School of
Informatics at Indiana University.
Praise for Exploiting Software "Exploiting Software highlights the most critical part of the software quality problem. As it turns out, software quality problems are a major contributing factor to computer security problems. Increasingly, companies large and small depend on software to run their businesses every day. The current approach to software quality and security taken by software companies, system integrators, and internal development organizations is like driving a car on a rainy day with worn-out tires and no air bags. In both cases, the odds are that something bad is going to happen, and there is no protection for the occupant/owner. This book will help the reader understand how to make software quality part of the design - a key change from where we are today!" - Tony Scott Chief Technology Officer, IS&S General Motors Corporation ~"It's about time someone wrote a book to teach the good guys what the bad guys already know. As the computer security industry matures, books like Exploiting Software have a critical role to play." - Bruce Schneier Chief Technology Officer Counterpane Author of Beyond Fear and Secrets and Lies ~"Exploiting Software cuts to the heart of the computer security problem, showing why broken software presents a clear and present danger. Getting past the 'worm of the day' phenomenon requires that someone other than the bad guys understands how software is attacked. This book is a wake-up call for computer security." - Elinor Mills Abreu Reuters' correspondent ~"Police investigators study how criminals think and act. Military strategists learn about the enemy's tactics, as well as their weapons and personnel capabilities. Similarly, information security professionals need to study their criminals and enemies, so we can tell the difference between popguns and weapons of mass destruction. This book is a significant advance in helping the 'white hats' understand how the 'black hats' operate. Through extensive examples and 'attack patterns,' this book helps the reader understand how attackers analyze software and use the results of the analysis to attack systems. Hoglund and McGraw explain not only how hackers attack servers, but also how malicious server operators can attack clients (and how each can protect themselves from the other). An excellent book for practicing security engineers, and an ideal book for an undergraduate class in software security." - Jeremy Epstein Director, Product Security & Performance webMethods, Inc. ~"A provocative and revealing book from two leading security experts and world class software exploiters, Exploiting Software enters the mind of the cleverest and wickedest crackers and shows you how they think. It illustrates general principles for breaking software, and provides you a whirlwind tour of techniques for finding and exploiting software vulnerabilities, along with detailed examples from real software exploits. Exploiting Software is essential reading for anyone responsible for placing software in a hostile environment - that is, everyone who writes or installs programs that run on the Internet." - Dave Evans, Ph.D. Associate Professor of Computer Science University of Virginia ~"The root cause for most of today's Internet hacker exploits and malicious software outbreaks are buggy software and faulty security software deployment. In Exploiting Software, Greg Hoglund and Gary McGraw help us in an interesting and provocative way to better defend ourselves against malicious hacker attacks on those software loopholes. The information in this book is an essential reference that needs to be understood, digested, and aggressively addressed by IT and information security professionals everywhere." - Ken Cutler, CISSP, CISA Vice President, Curriculum Development & Professional Services, MIS Training Institute ~"This book describes the threats to software in concrete, understandable, and frightening detail. It also discusses how to find these problems before the bad folks do. A valuable addition to every programmer's and security person's library!" - Matt Bishop, Ph.D. Professor of Computer Science University of California at Davis Author of Computer Security: Art and Science