Home page logo

fulldisclosure logo Full Disclosure mailing list archives

"Book of unreleased exploits" Clarification
From: "Jack Koziol" <jack.koziol () infosecinstitute com>
Date: Mon, 15 Mar 2004 14:45:53 -0600

Over the weekend there were a bunch of posts to FD talking about a "Book of
unreleased exploits". As the lead author for the book in question, The
Shellcoder's Handbook, I want to get a post out to FD to clarify what
Shellcoder's is all about, and dispel some of the misinformation floating
around about it.

Essentially, yes, there are some 0day or unreleased exploits contained in
the book, but it is by no means a "compendium" of them, and there is nowhere
near 150 of them. The goal of the book is to teach vulnerability
development/discovery and software exploitation for programs written in C
family of languages. In the book, the 0day is somewhat of an afterthought,
it was included primarily to prove that the techniques and examples in the
book can be used to find security bugs for software actually used in the
real world. It makes the content of the book more interesting, rather than
exploiting simple 5 line programs for 700 pages, we slowly graduate the
reader to vuln dev on a variety of real world applications and on many
different platforms (Linux/Win32 on IA32, solaris on sparc, Tru64, etc.).
Like Dave said when we were roughing out the table of contents over a year
ago, "lots of people have read Smashing the Stack for Fun and Profit, but
very few can actually do something with it".

The book has four parts, first showing the reader how to write exploits for
simple contrived programs, then graduating to real software exploitation,
flowing to how to discover these bugs via binary/source auditing,
instrumented investigation, and fuzzing. Finally we cover some advanced
content, such as finding and exploiting bugs in the Solaris and OpenBSD
kernels, and exploit development for database software packages.

Jack Koziol

PS: A group of incredibly brilliant people worked very hard on making this
book possible, and to call it "lame" without ever having read it, is well,
to use your own language, really lame. If you read/skim it at Borders and
think it sucks, that's cool, but at least take the time to read something
before your criticize it in public.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • "Book of unreleased exploits" Clarification Jack Koziol (Mar 15)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]