参考文献

[1] TESO Security Group, http://www.team-teso.net/

[2] Chaos Computer Club: 17th Chaos Communication Congress, http://www.ccc.de/congress/

[3] portal, “Format String Exploitation Demystified”, preliminary version 21, not yet published, http://www.security.is/

[4] Pascal Bouchareine, “format string vulnerability”, http://www.hert.org/papers/format.html

[5] Plasmoid / THC, Stack overflows, http://www.thehackerschoice.com/papers/OVERFLOW.TXT

[6] Halvar Flake, “Auditing binaries for security vulnerabilities”, http://www.blackhat.com/presentations/bh-europe00/HalvarFlake/HalvarFlake.ppt

[7] GDB, The GNU Debugger, http://www.gnu.org/software/gdb/gdb.html

[8] ltrace, no official maintainer, http://www.debian.org/Packages/stable/utils/ltrace.html

[9] strace, http://www.wi.leidenuniv.nl/%7ewichert/strace/

[10] GNU binutils, http://www.gnu.org/gnulist/production/binutils.html

[11] PaX group, “Implementing non executeable rw pages on the x86”, http://pageexec.virtualave.net/

[12] Tool Interface Standard, Executeable and Linking Format Specifications v1.2, http://segfault.net/%7escut/cpu/generic/TIS-ELF%20v1.2.pdf

[13] Silvio, “ELF executeable reconstruction from a core image”, http://www.big.net.au/%7esilvio/core-reconstruction.txt

[14] Solar Designer, post to Bugtraq mailing list demonstrating return into libc, Bugtraq Archives 1997 August 10

[15] Solar Designer, JPEG COM Marker Processing Vulnerability in Netscape Browsers, advisory demonstrating malloc management information overwrite, http://www.openwall.com/advisories/OW-002-netscape-jpeg.txt

[16] Pascal Bouchareine, “__atexit in memory bugs: proof of concept”

[17] Juan M. Bello Rivas, “Overwriting the .dtors section”

[18] Matt Conover aka Shok, “w00w00 on Heap Overflows”, http://www.w00w00.org/files/articles/heaptut.txt

[19] Bulba and Kil3r, Lam3rZ, Bypassing StackGuard and StackShield, Phrack issue 56, article #5, http://phrack.infonexus.com/

[20] Kil3r, Lam3rZ, 33_su.c, exploit for su/msgfmt for Immunix Linux

[21] LSD crew, IRIX telnet daemon exploit irx_telnetd.c and explanations, http://www.lsd-pl.net/ , http://www.securityfocus.com/templates/archive.pike?list=1&mid=75864

[22] TESO wu-ftpd 2.6.0 exploit: 7350wu, http://www.team-teso.net/releases.php

results matching ""

    No results matching ""