en
Tobias Klein

A Bug Hunter's Diary

Giv mig besked når bogen er tilgængelig
Denne bog er ikke tilgængelig i streaming pt. men du kan uploade din egen epub- eller fb2-fil og læse den sammen med dine andre bøger på Bookmate. Hvordan overfører jeg en bog?
“Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime.”
–Felix 'FX' Lindner
\nA Bug Hunter's Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world's most popular software.
Denne bog er ikke tilgængelig i øjeblikket
258 trykte sider
Har du allerede læst den? Hvad synes du om den?
👍👎

Citater

  • SKhar citeretfor 5 år siden
    2]See Daniel Hodson, “Uninitialized Variables: Finding, Exploiting, Automating” (presentation, Ruxcon, 2008), http://felinemenace.org/~mercy/slides/RUXCON2008-UninitializedVariables.pdf.
    [3]See Common Weakness Enumeration, CWE List, CWE - Individual Dictionary Definition (2.0), CWE-415: Double Free at http://cwe.mitre.org/data/definitions/415.html
  • SKhar citeretfor 5 år siden
    Potentially Vulnerable Code Locations

    This is only one approach to bug hunting. Another tactic for finding potentially vulnerable locations in the code is to look at the code near “unsafe” C/C++ library functions, such as strcpy() and strcat(), in search of possible buffer overflows. Alternatively, you could search the disassembly for movsx assembler instructions in order to find sign-extension vulnerabilities. If you find a potentially vulnerable code location, you can then trace backward through the code to see whether these code fragments expose any vulnerabilities accessible from an application entry point. I rarely use this approach, but other bug hunters swear by it

På boghylderne

fb2epub
Træk og slip dine filer (ikke mere end 5 ad gangen)