Key Features

* Covers a range of operating system families -- Windows, Mac OS X, UNIX-derivates
* Details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc) issues, logical bugs and race conditions.
* Delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that bring to the creation of successful techniques, in order to give to the reader something more than a set of tricks, a full methodology

Description

With the increasing number of security countermeasures against user land exploitation, kernel level exploitation is getting more and more popular among attackers and, generically, exploit writers. Playing with the heart of the operating system can be a dangerous game: this book covers the theoretical techniques and approaches needed to develop reliable and effective kernel level exploits and applies them to different operating systems (Unix-derivate, Mac OS X, Windows).

Kernel exploits take both art and science. Every OS has its quirks and so every exploit must be molded to fully exploit its target. This book discusses the four most popular OS familiess-- UNIX-derivates, MAC OS X and Windows --and how to gain complete control over them.

Concepts and tactics ar presented categorically so that even when a specifically detailed exploit has been pathced, the foundational information that you have read will help to write a newer, better attack, if you are a hacker; a more concrete design and defensive structure, if you are a pen tester, auditor, or the like.

* Covers a range of operating system families -- Windows, Mac OS X, UNIX-derivates
* Details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc) issues, logical bugs and race conditions.
* Delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that bring to the creation of successful techniques, in order to give to the reader something more than a set of tricks: a full methodology.

Content:
Introduction

Part I: A Journey to Kernel Land

Chapter 1: From User Land to Kernel Land Attacks

Chapter 2: A Taxonomy of Kernel Vulnerabilities

Chapter 3: Stairway to Successful Kernel Exploitation

Part II: The Unix Family, Mac OS X, and Windows

Chapter 4: The Unix Family

Chapter 5: Mac OS X

Chapter 6: Windows

Part III: Remote Kernel Exploitation

Chapter 7: Facing the Challenges of Remote Exploitation

Chapter 8: Putting it all Together: A Linux Case Study

Part IV: Final Words

Chapter 9: Kernel Evolution: Future Attacks and Defense