• Complain

Tobias Klein - A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security

Here you can read online Tobias Klein - A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2011, publisher: No Starch Press, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

No cover
  • Book:
    A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security
  • Author:
  • Publisher:
    No Starch Press
  • Genre:
  • Year:
    2011
  • Rating:
    4 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 80
    • 1
    • 2
    • 3
    • 4
    • 5

A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

This is one of the most interesting infosec books to come out in the last several years.Dino Dai Zovi, Information Security ProfessionalGive a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime.Felix FX LindnerSeemingly simple bugs can have drastic consequences, allowing attackers to compromise systems, escalate local privileges, and otherwise wreak havoc on a system.A Bug Hunters Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the worlds most popular software, like Apples iOS, the VLC media player, web browsers, and even the Mac OS X kernel. In this one-of-a-kind account, youll see how the developers responsible for these flaws patched the bugsor failed to respond at all. As you follow Klein on his journey, youll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting.Along the way youll learn how to:Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineering Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws Develop proof of concept code that verifies the security flaw Report bugs to vendors or third party brokers A Bug Hunters Diary is packed with real-world examples of vulnerable code and the custom programs used to find and test bugs. Whether youre hunting bugs for fun, for profit, or to make the world a safer place, youll learn valuable new skills by looking over the shoulder of a professional bug hunter in action.

Tobias Klein: author's other books


Who wrote A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security? Find out the surname, the name of the author of the book and a list of all author's works by series.

A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make

Felix 'FX' Lindner\n

A Bug Hunter's Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world's most popular software.

"/>
A Bug Hunter's Diary
Tobias Klein

Copyright 2011

All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.

No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The information in this book is distributed on an As Is basis, without warranty. While every precaution has been taken in the preparation of this work, neither the author nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.

No Starch Press

Acknowledgments

I would like to thank the following people for their technical reviews and input on the book: Felix FX Lindner, Sebastian Krahmer, Dan Rosenberg, Fabian Mihailowitsch, Steffen Trscher, Andreas Kurtz, Marco Lorenz, Max Ziegler, Ren Schnfeldt, and Silke Klein, as well as Sondra Silverhawk, Alison Law, and everyone else at No Starch Press.

Introduction

Welcome to A Bug Hunters Diary . This book describes the life cycles of seven interesting, real-life software security vulnerabilities I found over the past several years. Each chapter focuses on one bug. Ill explain how I found the bug, the steps I took to exploit it, and how the vendor eventually patched it.

The Goals of This Book

The primary goal of this book is to provide you with practical exposure to the world of bug hunting. After reading this book, you will have a better understanding of the approaches that bug hunters use to find security vulnerabilities, how they create proof-of-concept code to test the vulnerabilities, and how they can report vulnerabilities to the vendor.

The secondary goal of this book is to tell the story behind each of these seven bugs. I think they deserve it.

Who Should Read the Book

This book is aimed at security researchers, security consultants, C/C++ programmers, penetration testers, and anyone else who wants to dive into the exciting world of bug hunting. To get the most out of the book, you should have a solid grasp of the C programming language and be familiar with x86 assembly.

If you are new to vulnerability research, this book will help you to get acquainted with the different aspects of hunting, exploiting, and reporting software vulnerabilities. If you are an already-experienced bug hunter, this book will offer a new perspective on familiar challenges and will likely make you chuckle at timesor put a knowing smile on your face.

Disclaimer

The goal of this book is to teach readers how to identify, protect against, and mitigate software security vulnerabilities. Understanding the techniques used to find and exploit vulnerabilities is necessary to thoroughly grasp the underlying problems and appropriate mitigation techniques. Since 2007, it is no longer legal to create or distribute hacking tools in Germany, my home country. Such tools include simple port scanners as well as working exploits. Therefore, to comply with the law, no full working exploit code is provided in this book. The examples simply show the steps used to gain control of the execution flow (the instruction pointer or program counter control) of a vulnerable program.

Resources

All URLs referenced throughout the book as well as the code examples, errata, updates, and other information can be found at http://www.trapkit.de/books/bhd/.

Chapter 1. Bug Hunting

Bug hunting is the process of finding bugs in software or hardware. In this book, however, the term bug hunting will be used specifically to describe the process of finding security-critical software bugs. Security-critical bugs, also called software security vulnerabilities, allow an attacker to remotely compromise systems, escalate local privileges, cross privilege boundaries, or otherwise wreak havoc on a system.

About a decade ago, hunting for software security vulnerabilities was mostly done as a hobby or as a way to gain media attention. Bug hunting found its way into the mainstream when people realized that its possible to profit from vulnerabilities.[]

Software security vulnerabilities, and programs that take advantage of such vulnerabilities (known as exploits ), get a lot of press coverage. In addition, numerous books and Internet resources describe the process of exploiting these vulnerabilities, and there are perpetual debates over how to disclose bug findings. Despite all this, surprisingly little has been published on the bug-hunting process itself. Although terms like software vulnerability or exploit are widely used, many peopleeven many information security professionalsdont know how bug hunters find security vulnerabilities in software.

If you ask 10 different bug hunters how they search through software for security-related bugs, you will most likely get 10 different answers. This is one of the reasons why there is not, and probably will never be, a cookbook for bug hunting. Rather than trying and failing to write a book of generalized instructions, I will describe the approaches and techniques that I used to find specific bugs in real-life software. Hopefully this book will help you develop your own style so you can find some interesting security-critical software bugs.

1.1 For Fun and Profit

People who hunt for bugs have a variety of goals and motivations. Some independent bug hunters want to improve software security, while others seek personal gain in the form of fame, media attention, payment, or employment. A company might want to find bugs to use them as fodder for marketing campaigns. Of course, there are always the bad apples who want to find new ways to break into systems or networks. On the other hand, some people simply do it for funor to save the world. Picture 1

1.2 Common Techniques

Although no formal documentation exists that describes the standard bug-hunting process, common techniques do exist. These techniques can be split into two categories: static and dynamic . In static analysis, also referred to as static code analysis , the source code of the software, or the disassembly of a binary, is examined but not executed. Dynamic analysis, on the other hand, involves debugging or fuzzing the target software while its executing. Both techniques have pros and cons, and most bug hunters use a combination of static and dynamic techniques.

My Preferred Techniques

Most of the time, I prefer the static analysis approach. I usually read the source code or disassembly of the target software line by line and try to understand it. However, reading all the code from beginning to end is generally not practical. When Im looking for bugs, I typically start by trying to identify where user-influenced input data enters the software through an interface to the outside world. This could be network data, file data, or data from the execution environment, to name just a few examples.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security»

Look at similar books to A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security»

Discussion, reviews of the book A Bug Hunters Diary: A Guided Tour Through the Wilds of Software Security and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.