handouts/ho03.tex
changeset 240 4b2eeb0ddd81
parent 238 6ba55ba5b588
child 257 9bc912fcedb6
--- a/handouts/ho03.tex	Fri Oct 10 16:14:55 2014 +0100
+++ b/handouts/ho03.tex	Mon Oct 13 19:48:57 2014 +0100
@@ -691,7 +691,30 @@
 \end{center}
 
 \noindent updates, as the name says, most information to 2010.
-There are also sources for buffer overflow attack in  
+There is another Phrack article about return-into-lib(c) exploits 
+from 2012:
+
+\begin{center}
+\url{http://phrack.org/issues/58/4.html}
+\end{center}
+
+\noindent
+The main topic is about getting around the non-executability of stack
+data (in case it is protected).  This article gives some further
+pointers into the recent literature about buffer overflow attacks.
+
+Buffer overflow attacks are not just restricted to Linux and 
+``normal'' computers. There is a book
+
+\begin{quote}\rm 
+``iOS Hacker's Handbook'' by Miller et al, Wiley, 2012
+\end{quote}
+
+\noindent
+which seem to describe buffer overflow attacks on iOS. A book from the
+same publisher exists also for Android (from 2014) which seem to also
+feature buffer overflow attacks. Alas I do not own copies of these
+books.
 
 
 \subsubsection*{A Crash-Course for GDB}