The number of security countermeasures against user-land exploitation is on the rise. Because of this, kernel exploitation is becoming much more popular among exploit writers and attackers. Playing with the heart of the operating system can be a dangerous game: This book covers the theoretical techniques and approaches needed to develop reliable and effective kernel-level exploits and applies them to different operating systems (Linux, Solaris, Mac OS X, and Windows). Kernel exploits require both art and science to achieve. Every OS has its quirks and so every exploit must be molded to fully exploit its target. This book discusses the most popular OS families - UNIX derivatives, Mac OS X, and Windows - and how to gain complete control over them. Concepts and tactics are presented categorically so that even when a specifically detailed exploit has been patched, the foundational information that you have read will help you to write a newer, better attack or a more concrete design and defensive structure. This title: covers a range of operating system families - UNIX derivatives, Mac OS X, Windows; details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc.) issues, logical bugs and race conditions; and, delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that lead to the creation of successful techniques, in order to give to the reader something more than just a set of tricks.
A Guide to Kernel Exploitation: Attacking the Core
and over 1.5 million other books are available for Amazon Kindle . Learn more
| |||||||||||||||
 Trade In this Item for up to £1.60
Trade in A Guide to Kernel Exploitation: Attacking the Core for an Amazon.co.uk gift card of up to £1.60, which you can then spend on millions of items across the site. Trade-in values may vary (terms apply). Special Offer until June 30, 2013: Receive an additional £5 promotional Gift Card, when you trade-in at least £10 worth of books. Learn more
|
Book Description
Frequently Bought Together
Product details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, and more.
Product Description
Review
"A very interesting book that not only exposes readers to kernel exploitation techniques, but also deeply motivates the study of operating systems internals, moving such study far beyond simple curiosity."--Golden G. Richard III, Ph.D., Professor of Computer Science, University of New Orleans and CTO, Digital Forensics Solutions, LLC
About the Author
Enrico Perla currently works as a kernel programmer at Oracle. He received his B.Sc. in Computer Science from the University of Torino, and his M.Sc. in Computer Science from Trinity College Dublin. His interests range from low-level system programming to low-level system attacking, exploiting, and exploit countermeasures. Massimiliano Oldani currently works as a Security Consultant at Emaze Networks. His main research topics include operating system security and kernel vulnerabilities.
Inside This Book
(Learn More)
What Other Items Do Customers Buy After Viewing This Item?
Customer Reviews
Most Helpful Customer Reviews
1 of 1 people found the following review helpful
Format:Paperback|Amazon Verified Purchase
Coming from a background in IT security and with a reasonable understanding of system architectures I found this book to be an absolutely refreshing change from the standard regurgitated offerings that are dominating the field due to nothing better being available.
This book gives you a solid understanding of a wide range of kernel (and application) level security flaws to a level where you would feel comfortable discussing this not with your average IT security consultant (who would be lost soon after stack overflow) but with serious and dedicated professionals working at the bleeding edge of OS security.
I cannot recommend this book highly enough. However it does assume a background of being able to follow C code (or at least understand the algorithmic flow), elementary Data structures (pointers, lists) and fundamentals of OS design (try Operating Systems by Deitel for a good core intro). Some assembly might help as well. But don't let that put you off... it's not absolutely necessary.
It genuinely is one of those books where you think 'WOW.. I wish I wrote that!'.
Nothing in the field comes closer to delivering what this book does.
As you may have guessed. Highly recommended.
This book gives you a solid understanding of a wide range of kernel (and application) level security flaws to a level where you would feel comfortable discussing this not with your average IT security consultant (who would be lost soon after stack overflow) but with serious and dedicated professionals working at the bleeding edge of OS security.
I cannot recommend this book highly enough. However it does assume a background of being able to follow C code (or at least understand the algorithmic flow), elementary Data structures (pointers, lists) and fundamentals of OS design (try Operating Systems by Deitel for a good core intro). Some assembly might help as well. But don't let that put you off... it's not absolutely necessary.
It genuinely is one of those books where you think 'WOW.. I wish I wrote that!'.
Nothing in the field comes closer to delivering what this book does.
As you may have guessed. Highly recommended.
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com:
4.4 out of 5 stars
22 reviews
14 of 16 people found the following review helpful
5.0 out of 5 stars
Readable, instructive, concise, just two caveats
4 Oct 2010
By DDDDDDD
- Published on Amazon.com
Format:Paperback
My colleague showed me this book (full disclosure: he was a reviewer) - he made his students buy it it for his OS II class (assigned middle of the semester!) one week ago - hot off the presses. I got two copies, one for my office and one for reading on the bus.
It's one of three technical exploit books I'd take on a deserted, networked, powered island. Part 1: Journey into Kernel Land (Intro and explanations) is one of the most succinct clear intros I have ever seen. I wish I could distributed that as a document for class. The section on Windows is current and well done, also because the difference between 32 and 64 bit architectures and approaches are emphasized (this is not the case with Eilam's book alas, though very good) - this book is up to date. I think the Unix section needs to be updated, though, my colleague said that some of the exploits were possible in 2006/2007 but with kernel changes some APIs are not available etc. This needs to be updated. Cannot comment on the Mac section, because no expertise.
Website available and examples useful: [...]
Wishlist:
1) There are some unavoidable typos, sure: p.10: MAC is nor Media Access Control in a security context, it's Mandatory Access Control
2) I would have really really like an expanded section on hypervisors and virtualization (there is a mini epilogue on it at the end)- that would have made my day
3) The Linux case study was neat - for next version, do Windows Stuxnet's m.o. because it adds all sorts of interesting kernel root attack pathways
You will not regret buying this book - it is obvious and much appreciated that the authors put a lot of effort into making an readable guide for the medium to expert reader that can double as a textbook companion.
Daniel Bilar
CS Department
UNO
It's one of three technical exploit books I'd take on a deserted, networked, powered island. Part 1: Journey into Kernel Land (Intro and explanations) is one of the most succinct clear intros I have ever seen. I wish I could distributed that as a document for class. The section on Windows is current and well done, also because the difference between 32 and 64 bit architectures and approaches are emphasized (this is not the case with Eilam's book alas, though very good) - this book is up to date. I think the Unix section needs to be updated, though, my colleague said that some of the exploits were possible in 2006/2007 but with kernel changes some APIs are not available etc. This needs to be updated. Cannot comment on the Mac section, because no expertise.
Website available and examples useful: [...]
Wishlist:
1) There are some unavoidable typos, sure: p.10: MAC is nor Media Access Control in a security context, it's Mandatory Access Control
2) I would have really really like an expanded section on hypervisors and virtualization (there is a mini epilogue on it at the end)- that would have made my day
3) The Linux case study was neat - for next version, do Windows Stuxnet's m.o. because it adds all sorts of interesting kernel root attack pathways
You will not regret buying this book - it is obvious and much appreciated that the authors put a lot of effort into making an readable guide for the medium to expert reader that can double as a textbook companion.
Daniel Bilar
CS Department
UNO
6 of 6 people found the following review helpful
5.0 out of 5 stars
An excellent book on kernel exploitation
19 Oct 2010
By Blake Self
- Published on Amazon.com
Format:Paperback|Amazon Verified Purchase
I bought this book in hopes of finding an informative and thought provoking look at kernel exploitation - I was not disappointed. Aside from a few minor typos, I found this book to be one of the most well written books on exploitation that I have read. I have recommended it to some fellow students and a professor (I am a graduate student in computer science). I highly recommend this book for anybody that is interested in kernel exploitation. In my opinion, this book is currently the best source of information on exploiting the kernel since Phrack #64 file 6.
5 of 5 people found the following review helpful
5.0 out of 5 stars
the new bible for kernel hackers
30 Dec 2010
By Ari Elias Bachrach
- Published on Amazon.com
Format:Paperback|Amazon Vine™ Review
(What's this?)
I've read plenty of works that have covered kernel exploits at their most basic level - fill up a buffer, overwrite the stack pointer, and insert your code with a nop sled. I can't think of anything that comes close to the depth and breadth offered by this book. It starts where technical books always should but rarely do - with theory. The first part of the book deals with explaining the kernel, describing the various types of kernel exploits, and has a lengthy discussion of architectural options that may effect a kernel exploit. The second part of the book gets practical. They cover the three main classes of OS in depth - Windows, Mac, and Unix. Each kernel is discussed, its' peculiarities analyzed, tool suggestions provided, debugging explained, and numerous examples of previous kernel exploits are given. There is also a chapter on remote exploitation, and the book wraps up with a fantastic case study which ties everything together in a real world example. This is going to quickly become a staple in the library of every kernel hacker as both a reference work and educational guide.
A quick note on the technical level of the book - it assumes you know C, understand something about how kernels work, and have at least a passing familiarity with assembly. There is a lot of code in the book, all of which is helpfully on the book's website at attackingthecore.com.
A quick note on the technical level of the book - it assumes you know C, understand something about how kernels work, and have at least a passing familiarity with assembly. There is a lot of code in the book, all of which is helpfully on the book's website at attackingthecore.com.
›
Go to Amazon.com to see all 22 reviews
4.4 out of 5 stars
Were these reviews helpful?
Let us know
Listmania!
Look for similar items by category
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
