Skip to Main Content
Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals
book

Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals

by James C Foster
April 2005
Intermediate to advanced content levelIntermediate to advanced
700 pages
20h 39m
English
Syngress
Content preview from Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals
Format String Attacks
Format string bugs are present when no formatting characters are specified as
an argument for a function that utilizes va_arg style argument lists.
Common houses for format string vulnerabilities are found in statements such
as printf(argv[1]). The quick fix for this problem is to place a “%s” instead of the
argv[1] argument.The corrected statement would look like printf(“%s”, argv[1]).
TCP/IP Vulnerabilities
The purpose of a TCP spoofing attack is to exploit a trust relationship
between two systems.The attacker must know in advance that host A trusts
host B completely. An example attack works like this: An attacker sends some ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

32/64-Bit 80x86 Assembly Language Architecture

32/64-Bit 80x86 Assembly Language Architecture

James Leiterman

Publisher Resources

ISBN: 9781597490054