D., 49, 258, 378, 383
motivations of hackers, 5
multistage shellcode, 202
See also shellcode
mutations, 490
against format string exploits, 493??“495
against heap overflows, 492??“493
against stack overflows, 490??“492
mutexes, enumerating, 439??“440
Index
545
N
named kernel objects, enumerating,
439??“440
named pipes, enumerating, 438
Nepenthes, 503, 508??“510
network byte order, 221
nibbles, 128
NIPrint server exploit example, 266??“274
non-executable memory pages, 184,
192??“193
NOP sled, 155
Norman Sandbox, 518??“519
notification, 56??“58
NTLM protocol, weakness in, 92
NTSD (Microsoft NT Symbolic
Debugger), 246
NULL DACL, 408??“409
O
objdump utility, 526
OIS. See Organization for Internet
Safety (OIS)
OllyBonE, 528
OllyDbg, debugging with, 254??“258
OllyDump, 529
Operation Cyber Sweep, 25??“26
Operation French Fry, 21
Organization for Internet Safety (OIS),
54??“55
controversy surrounding
OIS guidelines, 63
discovery, 55??“56
notification, 56??“58
release, 62
resolution, 61??“62
validation, 58??“61
originator, 53
overflow of meet.c, 150??“153
P
packers, 501, 524??“525
UPX, 527
Page-eXec patches, 184
passive analysis, 277
binary analysis, 289??“307
ethical reverse engineering, 277??“279
passwords, 12??“13
brute-force password retrieval with the LM
Hashes+ challenge, 94??“96
source code analysis, 279??“289
using Metasploit as a man-in-the-middle
password stealer, 91??“98
patch, 485??“486
patch failures, 67
PatchByte function, 531
patching, 484
binary mutation, 490??“495
binary patching, 486??“490
executable formats, 487??“488
limitations, 489??“490
patch development and use, 485??“486,
488??“489
source code patching, 484??“486
third-party initiatives, 495??“496
what to patch, 484??“485
when to patch, 484
why patch, 486??“487
PaX.
Pages:
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932