A Guide to Kernel Exploitation book cover

A Guide to Kernel Exploitation

Attacking the Core

The number of security countermeasures against user-land exploitation is on the rise. Because of this, kernel exploitation is becoming much more popular among exploit writers and attackers. Playing with the heart of the operating system can be a dangerous game: This book covers the theoretical techniques and approaches needed to develop reliable and effective kernel-level exploits and applies them to different operating systems (Linux, Solaris, Mac OS X, and Windows). Kernel exploits require both art and science to achieve. Every OS has its quirks and so every exploit must be molded to fully exploit its target. This book discusses the most popular OS families-UNIX derivatives, Mac OS X, and Windows-and how to gain complete control over them. Concepts and tactics are presented categorically so that even when a specifically detailed exploit has been patched, the foundational information that you have read will help you to write a newer, better attack or a more concrete design and defensive structure.

Audience
Intermediate to advanced pen testers, hackers and OS system designers and developers

Paperback, 464 Pages

Published: September 2010

Imprint: Syngress

ISBN: 978-1-59749-486-1

Reviews

  • "A very interesting book that not only exposes readers to kernel exploitation techniques, but also deeply motivates the study of operating systems internals, moving such study far beyond simple curiosity."--Golden G. Richard III, Ph.D., Professor of Computer Science, University of New Orleans and CTO, Digital Forensics Solutions, LLC


Contents

  • Part I: A Journey to Kernel-Land
    Chapter 1: From User-Land to Kernel-Land Attacks
    Chapter 2: A Taxonomy of Kernel Vulnerabilities
    Chapter 3: Stairway to Successful Kernel Exploitation
    Part II: The UNIX Family, Mac OS X, and Windows
    Chapter 4: The UNIX Family
    Chapter 5: Mac OS X
    Chapter 6: Windows
    Part III: Remote Kernel Exploitation
    Chapter 7: Facing the Challenges of Remote Kernel Exploitation
    Chapter 8: Putting It All Together: A Linux Case Study
    Part IV: Final Words
    Chapter 9: Kernel Evolution: Future Forms of Attack and Defense 

Advertisement

advert image