History of some Vulnerabilities and exploit techniques
whoami
Peter Magnusson, omegapoint.se
History of some Vulnerabilities
• Intro
• Lessons from 1974 & 1988
• Buffer Overflows
• Injections
• XSS Cross Site Scripting
- intro -
This is just a tribute. Couldn't remember The Greatest Song in the World, no, no.
This is a tribute, oh, to The Greatest Song in the World
Tenacious D – Tribute, http://www.youtube.com/watch?v=_lK4cX5xGiQ
What we know we don't know
• Defenders practicing STFU
  – NDA
• Limited shared knowledge
  – Secret closed mailing lists etc
• Often pointless/boring
  – Vendor/CERT style info
• Attackers practicing STFU
  – Attackers not bragging
1970-1988 1988-1994 1994-2009 2009-
Dark Ages Golden Days Cloudy days
securitydigest.org – liberating archives from old closed mailing lists (I haven't had nearly as much time to read this stuff as I would like to)
Early Days, .mil
CERT & vendors: "A potential security vulnerability has been identified in X where, under certain circumstances, user privileges can be expanded via Y"
Morris Worm
Golden days! Bugtraq, Full Disclosure etc. take off
1998 – 2000 : It is not just OS/utilities any more…
No Free Bugs, APTs, Crimeware, 0-days, Spear phishing
Great Historical Resources
• http://seclab.cs.ucdavis.edu/projects/history/CD/
  – Computer security as a discipline was first studied in the early 1970s, although the issues had influenced the development of many earlier systems such as the Atlas system and MULTICS. Unfortunately, many of the early seminal papers are often overlooked as developers (and sometimes researchers) rediscover problems and solutions, leading to wasted time and development effort.
• http://securitydigest.org/
  – This site is dedicated to preserving the history of early computer security digests and mailing lists, specifically those prior to the mid 1990's. This includes the Unix 'Security Mailing List', through to the Zardoz 'Security Digest' to the Core 'Security List', i.e. those preceding BugTraq. These forums are a valuable insight into the embryonic development of the field of computer security, especially as it relates to the Internet, and the development of the Doctrine of Disclosure.
• http://seclists.org/
  – Any hacker will tell you that the latest news and exploits are not found on any web site—not even Insecure.Org. No, the cutting edge in security research is and will continue to be the full disclosure mailing lists such as Bugtraq.
- Lessons from 1974 -
1974 – Karger, Schell, USAF
USAF were amazing at computer security in the 1970s!!!
- Lessons from 1988 -
Morris Worm was BIG! in 1988
• Infected most of the internet
  – Cross compiled for two main targets
• Exploited Buffer Overflow
• Exploited DEBUG backdoor in sendmail
• Exploited weak passwords by cracking them
• Basically, it was amazing & threatening.
1988 reactions to the Morris Worm
"So I've decided to take my work back underground, To stop it falling into the wrong hands."
– Prodigy, Music for the Jilted Generation, 1994, http://www.youtube.com/watch?v=kJ6jApzrExY
1988 - #1. Create Restricted Mailing List
With the old security mailing list the only requirement was an OK from the root of the system (other than home computers). I would like to suggest that there would be a trusted group of people to start the mailing list (maybe start with phage@purdue). People would need someone who was on the list already to vouch for them, an OK from the person's home root, and that their name be circulated to the mailing list to see if anyone objects. I am suggesting these additional requirements because I know of people (now in retrospect) that shouldn't have been on the old list who would not qualify with these additional requirements. I would also suggest that there are no aliases (i.e. [email protected]) but mail would be sent to individuals only.
1988 - #2. Security Repository
There are a number of sites who don't have source, yet they want holes fixed. For some problems, it is easy enough to patch a binary with adb, but for other problems that is not enough. I would suggest a ftp site on the Internet that would keep binaries to patched programs. I would suggest Sun-3, Sun-4, and Vaxen binaries. Possibly other machines (i.e. Pyramid, Sequent, Encore, HP) if there seems to be enough of an interest.
1988 - #3. Get Vendors Involved
There should be at least one rep. from each major UNIX box vendor who would be responsible for getting fixes into release software. This doesn't seem to be much of a priority with vendors right now. I think we should collectively scream bloody murder until we see a bit more responsiveness from our friends.
1988 - #4. Hole List
I think it *might* be a good idea to develop a list of security holes that should be checked. This list should have a very limited circulation. This list should not live on the same machine as the security mailing list of the archives. It should be mailed from a system other than its home (otherwise that machine becomes a prime spot for breaking). On the other hand, having such a list might be too risky.
What went wrong?
• 1970: USAF says computer security cannot be solved by secrecy
• -1988: Secret mailing lists with secrecy!
• 1988-: More secrecy!
  – BAD: Focus on secrecy rather than information
  – BAD: Everything seems ad hoc, e.g. no search for known vulns in products.
  – Good: stated need for vendors, patches, checklists.
1994: FULL DISCLOSURE
Secrecy didn't work
Vendors weren't proactive
Because the past had been repeated
20 years later, implementing 1974 advice
- Buffer Overflows -
Buffer Overflow
1972 1988 1996 2001 now
1972: Computer Security Technology Planning Study:
"The code performing this function does not check the source and destination addresses properly, permitting portions of the monitor to be overlaid by the user. This can be used to inject code into the monitor that will permit the user to seize control of the machine."
1988: Morris Worm
Buffer overflow in fingerd (gets) used to exploit VAX Unix.
Exploit payload executed /bin/sh
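The gets() call behind the fingerd overflow, next to a bounded replacement, as an added example that is not part of the talk. `REQ_MAX`, `read_request` and `open_sample` are names made up for this illustration, and the sample input is constructed.

```c
#include <stdio.h>
#include <string.h>

#define REQ_MAX 512 /* assumed request buffer size, chosen for this example */

enum req_status { REQ_OK, REQ_TOO_LONG, REQ_EOF };

/* The unsafe pattern named on the slide (comment only, not compiled):
 *     char line[REQ_MAX];
 *     gets(line);   // no length argument, so a longer line overruns line[]
 * gets() was removed from the language in C11 for this reason. */

/* Bounded replacement: read one line into buf (cap bytes including NUL).
 * An over-long line is discarded whole rather than truncated, so its tail
 * is never parsed as the next request. */
enum req_status read_request(FILE *in, char *buf, size_t cap)
{
    if (cap < 2)
        return REQ_TOO_LONG;
    if (fgets(buf, (int)cap, in) == NULL) {
        buf[0] = '\0';
        return REQ_EOF;
    }
    size_t n = strlen(buf);
    if (n > 0 && buf[n - 1] == '\n') {
        buf[--n] = '\0';
    } else {
        /* No newline stored: the buffer filled up or the input ended. */
        int c = fgetc(in);
        if (c != '\n' && c != EOF) {
            while (c != '\n' && c != EOF)  /* drop the rest of the line */
                c = fgetc(in);
            buf[0] = '\0';
            return REQ_TOO_LONG;
        }
    }
    if (n > 0 && buf[n - 1] == '\r')       /* finger requests end in CRLF */
        buf[n - 1] = '\0';
    return REQ_OK;
}

/* Constructed sample input: write text to a temporary file and rewind it. */
FILE *open_sample(const char *text)
{
    FILE *f = tmpfile();
    if (f != NULL) {
        fputs(text, f);
        rewind(f);
    }
    return f;
}

int main(void)
{
    char sample[2 * REQ_MAX + 16] = "root\r\n";
    size_t off = strlen(sample);
    memset(sample + off, 'A', 2 * REQ_MAX);   /* constructed over-long line */
    strcpy(sample + off + 2 * REQ_MAX, "\r\nbob\r\n");

    FILE *f = open_sample(sample);
    char line[REQ_MAX];
    enum req_status st;
    if (f == NULL)
        return 1;
    while ((st = read_request(f, line, sizeof line)) != REQ_EOF)
        printf("%s\n", st == REQ_OK ? line : "(rejected: request too long)");
    fclose(f);
    return 0;
}
```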
1996: Smashing the Stack For Fun and Profit
The first big easily understood guide on how to exploit.
Covered the popular Intel x86 machine code.
Now everyone learned buffer overflows!
2001: Code Red & other Windows Worms
Buffer overflows hit Windows hard.
Again and again.
Bill Gates posts Trustworthy Computing Memo in January 2002
Now: Mitigation Wars
Buffer overflows are partially mitigated in many modern operating systems (except embedded software, which often is without mitigations). Advanced exploits circumvent mitigations. Most application developers do .NET and Java, which are mitigated.
Offense: heap spraying, info leaks, ROP, …
Defense: Stack Canaries, SafeSEH/SEHOP, DEP, ASLR, ROPGuard
Buffer Overflows
• 1972: First documented (?): Computer Security Technology PS
• 1988: Rediscovered: VAX exploit, Morris Worm
• 1995: Rediscovered: Intel x86 exploits, Smashing the Stack for Fun and Profit
• 2001: Massive exploitation: Windows worms, Trustworthy Computing Memo
• 2013: Mitigation Wars: ASLR, NX, … vs. infoleaks, ROP, spraying
- Injections -
Injection
• 2000: JavaScript Injection (XSS)
Georgi Guninski security advisory #1, 2000
[…] But the following JavaScript is executed: <IMG LOWSRC="javascript:alert('Javascript is executed')">
[…] for example displaying a fake login screen
[…] also possible to read user's messages, to send messages from user's name and doing other mischief.
[…] It is also possible to get the cookie from Hotmail, which is dangerous.
Injection
• 1998: SQL Injection (RFP: NT Web Technology Vulnerabilities)
• 2000: JavaScript Injection (XSS)
"And I didn't invent SQL injection. I may have been one of the first to publicly explain it in tutorial fashion, but it existed for as long as SQL itself existed; it was just that few people saw the security implications of it. But that may be because SQL wasn't ubiquitous like it is today, so it had limited impact in limited circles."
http://www.ush.it/2007/05/01/interview-with-rain-forest-puppy/
Injection
• 1985: Unquoted shell…
• 1988: (Sendmail DEBUG feature/backdoor)
• 1994: Majordomo OS command injection
• 1998: SQL Injection (RFP: NT Web Technology Vulnerabilities)
• 2000: JavaScript Injection (XSS)
- XSS Cross Site Scripting -
XSS Cross Site Scripting
• 1995: JavaScript introduced
  – Same Origin Policy
• 199x: Browser vulnerability research (Guninski et al)
  – Silly XSS-ish abuse of guestbooks and similar
• 2000: Guninski: JavaScript Injection in Hotmail
  – Microsoft: Cross Site Scripting (Michael Barrett, Marvin Simkin and Toby Barrick ~1999?)
  – CERT: Malicious HTML Tags Embedded …
• 2002: Larholm: IIS allows universal Cross Site Scripting
  – (2005 Klein: DOM Based XSS)
• 2010: Content Security Policy
RANT
What infosec guys do best?
<rant></rant>
• Security pros are brilliant at not knowing what security knew 10-20 years ago.
  – Security by secrecy has not worked very well
  – Dealing with trust & "need to know" on an internet scale is hard.
• Security wasted 20+ years in addressing the insane level of buffer overflow problems.
• "Vendors aren't doing enough" has been said since at least 1988. SDL is bringing some change since 2003!
<rant></rant>
• Easy to rant about the past.
  – What about today?
• AppSec – YOU make the software, no vendor.
  – That's a big change.
• What contemporary fails will people rant about in 2043?
TAKE AWAY
What you might consider learning from this exercise
• Secrecy sucks
• Try to avoid wasting 20 years of knowledge again
• Don't be the next "vendor" claimed to do nothing preemptively. Work on reducing your vulnerabilities.
FIN