0

EXPLOITING SOFTWARE 1/2011

Download
File
HES_01_2011_new.pdf
Please login or Register to access downloadables
Download

Cracking Java Applications Using AOP exploits (part 1)
By Daniel Drozdzewski
Aspect Oriented Programming is a paradigm that aims to modularise software further by the separation of crosscutting concerns. Daniel will show us the basics of AOP and a simple, yet powerful idea behind the exploit.

Smashing the Stack
By Mariano Graxziano and Marco Balduzzi
For decades hackers have discovered and exploited the most concealed programming bugs. But how is it possible to leverage a buffer overflow to compromise software in modern operating systems? Mariano and Marco will introduce us to the basic principles of code exploitation. We will see what happens when a process is executed or terminated, and how a buffer overflow vulnerability can be leveraged to execute malicious code.

 Defending Software: Protecting Your Software Against Exploiters
By Gary S. Milefsky
For many years, software development has been formalized around functional design, specification, architecture and system integration, using quality assurance to remove visible bugs or flaws in the software. However, these methodologies have not helped software engineers become more aware of coding flaws that result in exploitable holes, also known as software vulnerabilities. Gary shares with us MITRE’s “Vulnerability Theory” on Software Development.

Hijacking Software Updates with Evilgrade
By Mourad Ben Lakhua
Almost every modern application comes with a simple, built-in update mechanism. Usually it is sensible for users to accept updates that improve the security and operation of the program. Mourad shows how to attack users
via update systems. He also claims that software developers do not spend much time or effort on updates and secure delivery mechanisms, that’s why standard processes for updating applications make many users vulnerable.

How to Automate Fuzzing of Windows – Based GUI Applications
By Rudra
COM is a Microsoft technology that allows objects to communicate without the need for either object to know any details about the other, even the language it’s implemented in. Rudra will show us how to call COM components from Python and how to use COM extensions to automate the process of fuzzing GUI applications.

Interview with Ross Anderson
By Flemming Lauguaard
Security precautions taken by the airports are more security theatre than risk reduction. They’re there to convince the travelling public that >>something is being done< declaration that hacking may be interpreted as an act of war and tells us about the biggest threats to the banking and monetary world today.


Download
File
HES_01_2011_new.pdf
Please login or Register to access downloadables
Download

April 19, 2022
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Get unlimited access

Become an Instructor

Become a Reviewer

Writing on Hakin9

LOOKING for a JOB in IT security?



© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.
Please review your information and consent to the processing of your personal data.(Required)
What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?
Please review your information and consent to the processing of your personal data.(Required)

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.