A Guide to Kernel Exploitation: Attacking the Core

·
· Elsevier
4.3
6 reviews
Ebook
464
Pages
Eligible
Ratings and reviews aren’t verified  Learn More

About this ebook

A Guide to Kernel Exploitation: Attacking the Core discusses the theoretical techniques and approaches needed to develop reliable and effective kernel-level exploits, and applies them to different operating systems, namely, UNIX derivatives, Mac OS X, and Windows. Concepts and tactics are presented categorically so that even when a specifically detailed vulnerability has been patched, the foundational information provided will help hackers in writing a newer, better attack; or help pen testers, auditors, and the like develop a more concrete design and defensive structure.The book is organized into four parts. Part I introduces the kernel and sets out the theoretical basis on which to build the rest of the book. Part II focuses on different operating systems and describes exploits for them that target various bug classes. Part III on remote kernel exploitation analyzes the effects of the remote scenario and presents new techniques to target remote issues. It includes a step-by-step analysis of the development of a reliable, one-shot, remote exploit for a real vulnerabilitya bug affecting the SCTP subsystem found in the Linux kernel. Finally, Part IV wraps up the analysis on kernel exploitation and looks at what the future may hold. - Covers a range of operating system families — UNIX derivatives, Mac OS X, Windows - Details common scenarios such as generic memory corruption (stack overflow, heap overflow, etc.) issues, logical bugs and race conditions - Delivers the reader from user-land exploitation to the world of kernel-land (OS) exploits/attacks, with a particular focus on the steps that lead to the creation of successful techniques, in order to give to the reader something more than just a set of tricks

Ratings and reviews

4.3
6 reviews
A Google user
Apart from being a nice guide to Kernel Exploitation this book serves as a good reference for XNU kernel too, which has very less literature online or offline.
1 person found this review helpful
Did you find this helpful?
Martin Erhardt
October 14, 2014
It seems to be very interesting for me
Did you find this helpful?
Anil Das
May 9, 2021
AÀA BOSS NETWORK
Did you find this helpful?

About the author

Enrico Perla currently works as a kernel programmer at Oracle. He received his B.Sc. in Computer Science from the University of Torino, and his M.Sc. in Computer Science from Trinity College Dublin. His interests range from low-level system programming to low-level system attacking, exploiting, and exploit countermeasures.Massimiliano Oldani currently works as a Security Consultant at Emaze Networks. His main research topics include operating system security and kernel vulnerabilities.

Rate this ebook

Tell us what you think.

Reading information

Smartphones and tablets
Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.
Laptops and computers
You can listen to audiobooks purchased on Google Play using your computer's web browser.
eReaders and other devices
To read on e-ink devices like Kobo eReaders, you'll need to download a file and transfer it to your device. Follow the detailed Help Center instructions to transfer the files to supported eReaders.
Report illegal content

Similar ebooks

Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations
Nicole Forsgren, PhD
Business & investing
€12.44€8.46
The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win
Gene Kim
Business & investing
€10.52
The DevOps Handbook: How to Create World-Class Agility, Reliability, & Security in Technology Organizations, Edition 2
Gene Kim
Business & investing
€19.57
Enterprise Architecture As Strategy: Creating a Foundation for Business Execution
Jeanne W. Ross
Business & investing
€45.99€32.19