Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition

CHAPTER 14 Advanced Windows Exploitation

In the last chapter we took a look at basic Windows exploitation via return pointer overwrites, Structured Exception Handling (SEH) overwrites, and some basic exploit-mitigation bypass techniques related to SafeSEH and Structured Exception Handling Overwrite Protection (SEHOP). For quite a few years now, exploit writers have been taking advantage of a technique known as return-oriented programming (ROP) to bypass memory protections such as hardware Data Execution Prevention (DEP). A number of controls are aimed at preventing the technique from working, including various controls implemented in Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). EMET will be end-of-life as of July 2018; however, ...

Get Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition by Daniel Regalado, Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Branko Spasojevic, Ryan Linn, Stephen Sims

CHAPTER 14

Advanced Windows Exploitation

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly