June 2007
Intermediate to advanced
576 pages
14h 20m
English
“This foreign policy stuff is a little frustrating.”
—George W. Bush, as quoted by the New York Daily News, April 23, 2002
Local fuzzing is arguably the simplest type of fuzzing. Although many attackers and researchers will have more impressive results exploiting remote and client-side vulnerabilities, local privilege escalation is still an important topic. Even when a remote attack is leveraged to gain access to a targeted machine, local attacks are often used as a secondary attack vector to obtain required privileges.
A user can introduce variables into a program in two main ways. Other than the obvious standard input device, which is usually the ...