Table of Contents
Previous Section Next Section

Index

S

saved frame pointer (SFP), 19-20, 22
S-box array, 213, 213-14
scanning, port. See port scanning
scripting tool, 158
SDMI (Secure Digital Music Initiative), 3
secret key, 186
Secure Digital Music Initiative (SDMI) 3
Secure Sockets Layer (SSL) encryption, 174
segmentation, program memory, 18-21
segments, avoiding using other, 92-94
sequence numbers, 144
session layer, 140
setreuid( ) function, 90, 99
setuid( ) function, 132, 132-33, 137
SFP (saved frame pointer ), 19-20, 22
sgid (set group ID), 15
Shannon, Claude, 174
shell.asm, 90-92
shellcode
defined, 24
writing, 84-129
avoiding using other segments, 92-94
common assembly instructions, 84-85
Hello, World program, 87-89
Linux system calls, 85-87
polymorphic shellcode, 102-3 printable ASCII instructions, 101-2
removing null bytes, 94-98
shell-spawning code, 90-92
using stack, 98-101
shellcode.asm, 93-98
SHELLCODE environment variable, 38
shell-spawning code, 90-92
Shor, Peter, 184-85
shroud, 165-72
single-byte instructions, 101, 102
Sklyarov, Dmitry, 3
smurf attack, 162
sniffing, network, 146-56
Solar Designer, 132, 199, 231, 232
Sparc assembly language, 9
special interrupt (int 0x80), 88
spoofing, 149, 163
sprintf( ) function, 136-37
SSH daemon, 190
SSH host fingerprints, 189
SSH MiM attack, 195
Ssharpd daemon, 187
ssharp MiM tool, 190, 232
SSL (Secure Sockets Layer) encryption, 174
stack-based overflows, 23-41
exploitation without exploit code, 202
exploit.c code, 26-27
exploition without exploit code, 27-31
using environment, 31-40
env_exploit.c code, 32-38
getenvaddr.c code, 38-41
vuln2.c code, 31-32
vuln.c code, 24-26
stack frame, 19
stack segment, 19
stackshell.asm, 98-100
stack, smaller shellcode using, 98-101
Stallman, Richard, 3
stealth SYN scan, 163
strcpy( ) function, 84
stream ciphers, 178
string, defined, 17
str string pointer, 22
sub esp instruction, 105
sub instruction, 85, 94, 106-7
suid root programs, 16
switched network environment, 149
symmetric ciphers, 178
symmetric encryption, 178-80
SYN/ACK packets, 144, 162, 163, 164, 166, 167
SYN flag, 144
SYN flooding, 162
SYN packets, 144, 145, 162, 163, 164, 168
system( ) function, 130-31, 132, 137-38

Table of Contents
Previous Section Next Section