The Shellcoder's Handbook: Discovering and Exploiting Security Holes, Second Edition by Gerardo Richarte, Felix FX Lindner, John Heasman, Chris Anley

Chapter 19. Instrumented Investigation: A Manual Approach

With all the talk about fuzzing, you might be led to believe that there's no place for manual investigation in the world of the modern bug hunter. The aim of this chapter is to show why that's not true, and that manual bug hunting is alive and well. We'll start with a discussion of the technique (such as it is) and then go through some examples of the thought processes and techniques behind the discovery of certain bugs. Along the way, we'll also address input validation in general and talk about some interesting ways to bypass it, because input validation often thwarts the research process, and a slightly deeper understanding can help to both make attacks more potent and increase understanding of defensive techniques.

Philosophy

The idea behind our approach is to simplify the researcher's view of the system, allowing him or her to focus on the structure and behavior of the system from a technical security perspective rather than being led along some predefined path by vendor documentation or source code. It is more of an attitude and an approach than a specific technique, although you will need some basic skills. Our experience has been that this approach leads to the discovery of bugs that were "not thought possible" by the development teams—because they were too obvious, or obscured by the source code (for example, complex C macro definitions), or because an interaction between components of the system had simply not been ...
