Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals
Elsevier, Apr 26, 2005 - 700 pages
The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:
1. Coding – The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slew of programming tips and tricks in C/C++, Java, Perl and NASL.
2. Sockets – The technology that allows programs and scripts to communicate over a network is sockets. Even though the theory remains the same – communication over TCP and UDP – sockets are implemented differently in nearly every language.
3. Shellcode – Shellcode, commonly defined as bytecode converted from Assembly, is utilized to execute commands on remote systems via direct memory access.
4. Porting – Due to the differences between operating platforms and language implementations on those platforms, it is a common practice to modify an original body of code to work on a different platform. This technique is known as porting and is incredibly useful in real-world environments since it allows you to not “recreate the wheel.”
5. Coding Tools – The culmination of the previous four sections, coding tools brings all of the techniques that you have learned to the forefront. With the background technologies and techniques you will now be able to code quick utilities that will not only make you more productive, they will arm you with an extremely valuable skill that will remain with you as long as you dedicate the proper time and effort.
*Contains never-before-seen chapters on writing and automating exploits on Windows systems with all-new exploits.
*Perform zero-day exploit forensics by reverse engineering malicious code.
*Provides working code and scripts in all of the most common programming languages for readers to use TODAY to defend their networks.
Windows Sockets (Winsock)
Writing Portable Code
Portable Network Programming
Writing Shellcode I
Writing Shellcode II
Writing Security Components
Creating a Web Security Tool
Security Tool Compendium
Data Conversion Reference
Writing Exploits I
Writing Exploits II
Writing Exploits III
Page i - "From the Author" Forum that allows the authors of this book to post timely updates and links to related sites, or additional topic coverage that may have been requested by readers. Just visit us at www.syngress.com/solutions and follow the simple registration process. You will need to have this book with you when you register. Thank you for giving us the opportunity to serve your needs. And be sure to let us know if there is anything else we can do to make your job easier.
Page vii - With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations. Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at...
Page i - Through this site, we've been able to provide readers a real time extension to the printed book. As a registered owner of this book, you will qualify for free access to our members-only email@example.com program. Once you have registered, you will enjoy several benefits, including: • Four downloadable e-booklets on topics related to the book. Each booklet is approximately 20-30 pages in Adobe PDF format.
Page vii - World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been cited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds an AS, BS, MBA and numerous technology and management certifications and has attended or conducted research at the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's...