From: "Huber, George K CECOM RDEC STCD SRI" <George.K.Huber@us.army.mil>
To: 'ashtrax' <xlp@emtel.net.co>, linux-c-programming@vger.kernel.org
Subject: RE: A exploitable C program
Date: Fri, 12 Jul 2002 10:49:38 -0400 [thread overview]
Message-ID: <DDFD9B60F648D411AD670000F80822EA03FCA961@mail7.monmouth.army.mil> (raw)
You might want to check out the following two books,
(1) Writing Secure Code
Michael Howard, Davbid Leblanc
ISBN: 0735615888
published Nov 2001.
(2) Building Secure Software: How to Avoid Security Problems the Right Way
John Viega, Gary McGraw
ISBN: 020172152X
published Oct 2001.
Both have extensive sections on buffer overflows (how to manipulate
them and how to fix/prevent them). The first book focuses on Microsoft
technologies (MS VC++, Visual Basic, C#), but the concepts should be
widely applicable. The second book is more general.
George Huber
Computer Scientist
SRI, International
phone: 732-427-8064
fax : 732-427-2065
cell : 732-740-4018
george.huber@mail1.monmouth.army.mil
George Huber
Computer Scientist
SRI, International
phone: 732-427-8064
fax : 732-427-2065
cell : 732-740-4018
george.huber@mail1.monmouth.army.mil
-----Original Message-----
From: ashtrax [mailto:xlp@emtel.net.co]
Sent: Friday, July 12, 2002 12:34 AM
To: linux-c-programming@vger.kernel.org
Subject: A exploitable C program
Hi, I keep trying to understand buffer overflow, I would like you help me
finding a exploitable C program, not so complex, that demands me a serious
and deep analysis of how find shellcode, elf disamble and other process I
already ignore.
I want to have the ability of release proof of concept exploit and
understand credentials, setiud root and all secure programming topics.
What program do you suggest for have a good start?
bye.
p.s. Why I cant 'get' with majordomo all the list archives? (get
linux-c-programming <date>)
-
To unsubscribe from this list: send the line "unsubscribe
linux-c-programming" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2002-07-12 14:49 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-07-12 14:49 Huber, George K CECOM RDEC STCD SRI [this message]
-- strict thread matches above, loose matches on Subject: below --
2002-07-14 9:22 A exploitable C program jnf
2002-07-12 4:33 ashtrax
2002-07-12 10:01 ` Elias Athanasopoulos
2002-07-12 20:30 ` ashtrax
2002-07-13 8:27 ` Elias Athanasopoulos
2002-07-15 17:41 ` Marius Nita
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DDFD9B60F648D411AD670000F80822EA03FCA961@mail7.monmouth.army.mil \
--to=george.k.huber@us.army.mil \
--cc=linux-c-programming@vger.kernel.org \
--cc=xlp@emtel.net.co \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).