Hacking Ubuntu: Serious Hacks Mods and Customizations (ExtremeTech)

E

EBP register, 15

editors

Emacs, 385

Vim, 385

EFLAGS (extended flags) register, 7

egress filtering, 501

EIP (extended instruction pointer) register, 7, 20-22

ELF file, 107

Eller, Riley "Caezar", "Bypassing MSB Data Filters for Buffer Overflows" (paper), 197-198

Emacs editor, 385

encoder/decoder for Windows shellcode, 123-124

encryption of shellcode, 289-299

Engler, Dawson, "Using Programmer-Written Compiler Extensions to Catch Security Holes" (paper), 530

entries in the .DTORS section, overwriting, 81

environment for work

debug.exe debugger, 337-338

gcc (GNU Compiler Collection), 334

gdb (GNU Debugger), 335

generic fuzzers, 337

NetCat, 338

offset finder, 336-337

OllyDbg, 335

Python, 336

SoftICE, 335-336

Unix, 338-339

Visual C++, 336

VMWare, 504

WinDbg, 335

Windows, 339-340

ESP (extended stack pointer) register, 7, 13-14, 24-26

Ethereal network analysis tool, 339, 374-375

EVE, 427-428

exception handlers

defined, 150

frame-based, 150-160

stack-based, 150

exception handling

Linux, 116

overwriting default unhandled exception handler (Windows), 71

vectored exception handling, 117, 175

Windows NT, 116-117, 150

exec system call (Solaris), 221-222

exec_ibcs2_coff_prep_zmagic() vulnerability (OpenBSD)

breakpoints, 555-556

check_exec() function, 542

COFF binary, 543-544, 549

coff_find_section() function, 544

es_check function pointer, 542

exec_ibcs2_coff_prep_zmagic() function, 540-544

execsw array, 542

fake COFF executable, 550-554

interface, 538-539

kernel mode payload creation, 560-561

locating the process descriptor, 558-560

NEW_VMCMD macro, 544

overwriting the return address, 557

reaching, 549

redirecting execution, 557

returning to kernel mode, 564-567

returning to user mode, 562-564

root privileges, 567-574

vn_rdwr() function, 539, 544

executing system calls in Linux, 36-37

execve() system call, 45-49

exit() shellcode, 38-41

exit() system call, 37-38

exit_group() shellcode, 41-42

ExitProcess() function (Windows), 132

ExitThread() function (Windows), 115

Exploiting Format String Vulnerabilities (article), scut, 342

exploiting vulnerabilities, 499-500

Exploiting Windows NT 4 Buffer Overruns (article), David Litchfield, 341

exploits

alphanumeric filters, 197-201

DCOM, 114

defined, 4

format string bugs, 62-63

information leaks, 507-508

local exploits, 505

non-executable stacks, 191-193

one-factor exploits, 500

reliability, 500

rpc.ttdbserver (Tru64), 322-330

stabilizing, 347

stack overflows

buffers, 12-13, 18-20

exec_ibcs2_coff_prep_zmagic() (OpenBSD), 549-574

instruction pointer, 20-22

OpenBSD exec_ibcs2_coff_prep_zmagic(), 561-564

root privileges, 22-24

"Smashing the Stack for Fun and Profit" (paper), Aleph One, 11

syscall proxies, 486-498

testing, 503-504

two-factor exploits, 500

Unicode filters, 201-202

Unicode vulnerabilities, 203-205

versioning, 500-501

wuftpd2600.c, 78

export table (PE files), 107

extended flags (EFLAGS) register, 7

extended instruction pointer (EIP) register, 7, 20-22

extended stack pointer (ESP) register, 7, 13-14, 24-26

extproc overflow (Oracle), 406-410
