ebook img

Modern Windows Exploit Development PDF

529 Pages·2016·19.0252 MB·other
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Modern Windows Exploit Development

Description:
This is the preface to a course about Modern Windows Exploit Development. I chose Windows because I’m
very familiar with it and also because it’s very popular. In particular, I chose Windows 7 SP1 64-bit. Enough
with Windows XP: it’s time to move on!
There are a few full-fledged courses about Exploit Development but they’re all very expensive. If you can’t
afford such courses, you can scour the Internet for papers, articles and some videos. Unfortunately, the
information is scattered all around the web and most resources are definitely not for beginners. If you always
wanted to learn Exploit Development but either you couldn’t afford it or you had a hard time with it, you’ve
come to the right place!
This is an introductory course but please don’t expect it to be child’s play. Exploit Development is hard and
no one can change this fact, no matter how good he/she is at explaining things. I’ll try very hard to be as
clear as possible. If there’s something you don’t understand or if you think I made a mistake, you can leav
a brief comment or create a thread in the forum for a longer discussion. I must admit that I’m not an expert. I
did a lot of research to write this course and I also learned a lot by writing it. The fact that I’m an old-time
reverse engineer helped a lot, though.
In this course I won’t just present facts, but I’ll show you how to deduce them by yourself. I’ll try to motivate
everything we do. I’ll never tell you to do something without giving you a technical reason for it. In the last
part of the course we’ll attack Internet Explorer 10 and 11. My main objective is not just to show you how to
attack Internet Explorer, but to show you how a complex attack is first researched and then carried out.
Instead of presenting you with facts about Internet Explorer, we’re going to reverse engineer part of Internet
Explorer and learn by ourselves how objects are laid out in memory and how we can exploit what we’ve
learned. This thoroughness requires that you understand every single step of the process or you’ll get lost in
the details.
As you’ve probably realized by now, English is not my first language (I’m Italian). This means that reading
this course has advantages (learning Exploit Development) and disadvantages (unlearning some of your
English). Do you still want to read it? Choose wisely
To benefit from this course you need to know and be comfortable with X86 assembly. This is not negotiable!
I didn’t even try to include an assembly primer in this course because you can certainly learn it on your own.
Internet is full of resources for learning assembly. Also, this course is very hands-on so you should follow
along and replicate what I do. I suggest that you create at least two virtual machines with Windows 7 SP1
64-bit: one with Internet Explorer 10 and the other with Internet Explorer 11.
I hope you enjoy the ride!
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.