Използваме бисквитки, за да подобрим уебсайта на Bookmate и нашите препоръки.
За повече информация, моля, прочетете нашата Политика за бисквитките.
Приеми всички бисквитки
Настройки на бисквитки
A Bug Hunter's Diary, Tobias Klein
en
Tobias Klein

A Bug Hunter's Diary

Уведоми ме, когато книгата е добавена
За да прочете тази книга, качете я във формат EPUB или FB2 в Bookmate. Как се качва книга?
  • SKцитирапреди 5 години
    2]See Daniel Hodson, “Uninitialized Variables: Finding, Exploiting, Automating” (presentation, Ruxcon, 2008), http://felinemenace.org/~mercy/slides/RUXCON2008-UninitializedVariables.pdf.
    [3]See Common Weakness Enumeration, CWE List, CWE - Individual Dictionary Definition (2.0), CWE-415: Double Free at http://cwe.mitre.org/data/definitions/415.html
  • SKцитирапреди 5 години
    Potentially Vulnerable Code Locations

    This is only one approach to bug hunting. Another tactic for finding potentially vulnerable locations in the code is to look at the code near “unsafe” C/C++ library functions, such as strcpy() and strcat(), in search of possible buffer overflows. Alternatively, you could search the disassembly for movsx assembler instructions in order to find sign-extension vulnerabilities. If you find a potentially vulnerable code location, you can then trace backward through the code to see whether these code fragments expose any vulnerabilities accessible from an application entry point. I rarely use this approach, but other bug hunters swear by it
fb2epub
Плъзнете и пуснете файловете си (не повече от 5 наведнъж)