Sockets, Shellcode, Porting, and Coding : Reverse Engineering Exploits and Tool Coding for Security Professionals - James Foster

Sockets, Shellcode, Porting, and Coding

Reverse Engineering Exploits and Tool Coding for Security Professionals

Paperback Published: 12th April 2005
ISBN: 9781597490054
Number Of Pages: 700


The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:

1. Coding - The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slew of programming tips and tricks in C/C++, Java, Perl and NASL.

2. Sockets - The technology that allows programs and scripts to communicate over a network is sockets. Even though the theory remains the same (communication over TCP and UDP), sockets are implemented differently in nearly every language.

3. Shellcode - Shellcode, commonly defined as bytecode converted from Assembly, is utilized to execute commands on remote systems via direct memory access.

4. Porting - Due to the differences between operating platforms and language implementations on those platforms, it is a common practice to modify an original body of code to work on a different platform. This technique is known as porting and is incredibly useful in real-world environments since it allows you to not "recreate the wheel."

5. Coding Tools - The culmination of the previous four sections, coding tools brings all of the techniques that you have learned to the forefront. With the background technologies and techniques you will now be able to code quick utilities that will not only make you more productive, they will arm you with an extremely valuable skill that will remain with you as long as you make the proper time and effort dedications.

* Contains never-before-seen chapters on writing and automating exploits on Windows systems with all-new exploits.

* Perform zero-day exploit forensics by reverse engineering malicious code.

* Provides working code and scripts in all of the most common programming languages for readers to use TODAY to defend their networks.

Foreword
Security Coding
Introduction
C/C++
Language Characteristics
Hello, World! Example
Data Types
Flow Control
Functions
Classes (C++ Only)
Case Study: Fourier Estimation
Java
Language Characteristics
Hello, World!
Data Types
Flow Control
Methods
Classes
GET HTTP Headers
C#
Business Case for Migrating to C#
Language Characteristics
C#'s Hello, World!
Data Types
Flow Control
Methods
Classes
C# Threading
Case Study: Command Line IP Address Parsing
Perl
Data Types
Operators
A Sample Perl Script
Special Variables
Pattern Matching and Substitution
Regular Expression Modifiers
Canonical Perl Tools
I Am a Perl Coder!
A Log Modification Utility
Python
InlineEgg
Summary
Solutions Fast Track
Links to Sites
Frequently Asked Questions
NASL Scripting
Introduction
History
Goals of NASL
NASL Script Syntax
Writing NASL Scripts
Writing Personal-use Tools in NASL
Programming in the Nessus Framework
Case Study: The Canonical NASL Script
Porting to and from NASL
Logic Analysis
Summary
Solutions Fast Track
Links to Sites
Frequently Asked Questions
BSD Sockets
Introduction
Introduction to BSD Sockets Programming
TCP Clients and Servers
Compilation
Example Execution
Analysis
Compilation
Analysis
Analysis
UDP Clients and Server
Compilation
Example Execution
Analysis
Compilation
Example Execution
Analysis
Compilation
Example Execution
Analysis
Compilation
Example Execution
Analysis
Socket Options
Analysis
Network Scanning with UDP Sockets
Compilation
Example Execution
Analysis
Network Scanning with TCP Sockets
Compilation
Analysis
Threading and Parallelism
Summary
Solutions Fast Track
Links to Sites
Frequently Asked Questions
Windows Sockets (Winsock)
Introduction
Winsock Overview
Winsock 2.0
Linking through Visual Studio 6.0
Linking through Source Code
Case Study: Using WinSock to Grab a Web Page
Writing Client Applications
Writing Server Applications
Writing Exploit and Vulnerability Checking Programs
Summary
Solutions Fast Track
Frequently Asked Questions
Case Study: Using WinSock to Execute a Web Attack
Case Study: Using Winsock to Execute a Remote Buffer Overflow
Java Sockets
Introduction
An Overview of TCP/IP
TCP Clients
IP Addresses and Hostname Resolution
Text-Based Input/Output: The LineNumberReader Class
TCP Servers
Using a Web Browser to Connect to TCPServer1
Handling Multiple Connections
WormCatcher
UDP Clients and Servers
Summary
Solutions Fast Track
Frequently Asked Questions
Writing Portable Code
Introduction
UNIX and Microsoft Windows Porting Guide
Pre-compiler Directives
Using ifdefs
Determining the Operating System
Byte Ordering
Process Creation and Termination
exec
fork
exit
Multithreading
Thread Creation
Thread Coordination
Signals
File Handling
Directory Handling
Libraries
Dynamic Loading of Libraries
Daemon/Win32 Service Programming
Memory Management
Command-line Argument Processing
Integer Data Types
Summary
Solutions Fast Track
Frequently Asked Questions
Portable Network Programming
Introduction
BSD Sockets and Winsock
Winsock Requirements
Portable Components
Return Values
Extended Error Information
The API
Winsock 2.0 Extensions
read(), write()
socket()
connect()
bind()
listen()
accept()
select()
send(), sendto()
recv(), recvfrom()
Close(), Closesocket()
setsockopt()
Ioctl(), Ioctlsocket()
Raw Sockets
API Overview
Header Files
Local IP Address Determination
User Supplied
Listing Interfaces
Pcap and WinPcap
Summary
Solutions Fast Track
Frequently Asked Questions
Writing Shellcode I
Introduction
Overview of Shellcode
The Addressing Problem
The NULL Byte Problem
Implementing System Calls
System Call Numbers
Remote Shellcode
Port Binding Shellcode
Socket Descriptor Reuse Shellcode
Local Shellcode
execve Shellcode
setuid Shellcode
chroot Shellcode
Windows Shellcode
Summary
Solutions Fast Track
Links to Sites
Mailing Lists
Frequently Asked Questions
Writing Shellcode II
Introduction
Shellcode Examples
The Write System Call
execve Shellcode
Port Binding Shellcode
The socket System Call
The bind System Call
The listen System Call
The accept System Call
The dup2 System Calls
The execve System Call
Reverse Connection Shellcode
Socket Reusing Shellcode
Reusing File Descriptors
Encoding Shellcode
Reusing Program Variables
OS-Spanning Shellcode
Understanding Existing Shellcode
Summary
Solutions Fast Track
Links to Sites
Mailing Lists
Frequently Asked Questions
Writing Exploits I
Introduction
Targeting Vulnerabilities
Remote and Local Exploits
Format String Attacks
Format Strings
Fixing Format String Bugs
Case Study: xlockmore User-Supplied Format String Vulnerability CVE-2000-0763
TCP/IP Vulnerabilities
Race Conditions
File Race Conditions
Signal Race Conditions
Case Study: man Input Validation Error
Summary
Solutions Fast Track
Links to Sites
Frequently Asked Questions
Writing Exploits II
Introduction
Coding Sockets and Binding for Exploits
Client-Side Socket Programming
Server-Side Socket Programming
Stack Overflow Exploits
Memory Organization
Stack Overflows
Finding Exploitable Stack Overflows in Open-Source Software
Case Study: X11R6 4.2 XLOCALEDIR Overflow
Finding Exploitable Stack Overflows in Closed-Source Software
Heap Corruption Exploits
Case Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability CAN-2002-0656
Integer Bug Exploits
Integer Wrapping
Bypassing Size Checks
Other Integer Bugs
Case Study: OpenSSH Challenge Response Integer Overflow Vulnerability CVE-2002-0639
Vulnerability Details
Case Study: UW POP2 Buffer Overflow Vulnerability CVE-1999-0920
Vulnerability Details
Summary
Solutions Fast Track
Links to Sites
Frequently Asked Questions
Writing Exploits III
Introduction
Using the Metasploit Framework
Exploit Development with Metasploit
Determining the Attack Vector
Finding the Offset
Selecting a Control Vector
Finding a Return Address
Using the Return Address
Determining Bad Characters
Determining Space Limitations
Nop Sleds
Choosing a Payload and Encoder
Integrating Exploits into the Framework
Understanding the Framework
Analyzing an Existing Exploit Module
Overwriting Methods
Summary
Solutions Fast Track
Links to Sites
Frequently Asked Questions
Writing Security Components
Introduction
COM
COM Objects
COM Interfaces
The COM Runtime
COM Object Implementation
COM IN-PROCESS Server Implementation
ATL
C++ Templates
ATL Client Technologies
ATL Server Technologies
ATL Attributes
Adding COM Extensions to the RPCDump Tool
COM EXE Server Implementation
Control Flow
Application Integration Routines
Tool Interface Definition
Component Classes
Application Integration: COMSupport.h
Application Integration: RPCDump.C
Summary
Solutions Fast Track
Links to Sites
Frequently Asked Questions
Creating a Web Security Tool
Introduction
Design
Attack Signature Format
Signatures
In-Depth Analysis
Header Files
Compilation
Execution
Tool Output
Summary
Solutions Fast Track
Links to Sites
Frequently Asked Questions
Glossary
Security Tool Compendium
Source Code Auditing
Shellcode Tools
Debuggers
Compilers
Hardware Simulators
Security Libraries
Vulnerability Analysis
Network Traffic Analysis
Packet Generation
Scanners
Exploit Archives
Online Exploit Archives
Syscall Reference
exit (int)
open (file, flags, mode)
close (filedescriptor)
read (filedescriptor, pointer to buffer, amount of bytes)
write (filedescriptor, pointer to buffer, amount of bytes)
execve (file, file + arguments, environment data)
socketcall (callnumber, arguments)
socket (domain, type, protocol)
bind (file descriptor, sockaddr struct, size of arg 2)
listen (file descriptor, number of connections allowed in queue)
accept (file descriptor, sockaddr struct, size of arg 2)
Data Conversion Reference
Index
Table of Contents provided by Ingram. All Rights Reserved.

ISBN: 9781597490054
ISBN-10: 1597490059
Audience: Professional
Format: Paperback
Language: English
Number Of Pages: 700
Published: 12th April 2005
Publisher: Syngress Media,U.S.
Country of Publication: US
Dimensions (cm): 22.9 x 17.8  x 3.18
Weight (kg): 0.98
