Contents in Detail

1 SETTING UP YOUR DEVELOPMENT ENVIRONMENT
  1.1 Operating System Requirements
  1.2 Obtaining and Installing Python 2.5
    1.2.1 Installing Python on Windows
    1.2.2 Installing Python for Linux
  1.3 Setting Up Eclipse and PyDev
    1.3.1 The Hacker’s Best Friend: ctypes
    1.3.2 Using Dynamic Libraries
    1.3.3 Constructing C Datatypes
    1.3.4 Passing Parameters by Reference
    1.3.5 Defining Structures and Unions

2 DEBUGGERS AND DEBUGGER DESIGN
  2.1 General-Purpose CPU Registers
  2.2 The Stack
  2.3 Debug Events
  2.4 Breakpoints
    2.4.1 Soft Breakpoints
    2.4.2 Hardware Breakpoints
    2.4.3 Memory Breakpoints

3 BUILDING A WINDOWS DEBUGGER
  3.1 Debuggee, Where Art Thou?
  3.2 Obtaining CPU Register State
    3.2.1 Thread Enumeration
    3.2.2 Putting It All Together
  3.3 Implementing Debug Event Handlers
  3.4 The Almighty Breakpoint
    3.4.1 Soft Breakpoints
    3.4.2 Hardware Breakpoints
    3.4.3 Memory Breakpoints
  3.5 Conclusion

4 PYDBG—A PURE PYTHON WINDOWS DEBUGGER
  4.1 Extending Breakpoint Handlers
  4.2 Access Violation Handlers
  4.3 Process Snapshots
    4.3.1 Obtaining Process Snapshots
    4.3.2 Putting It All Together

5 IMMUNITY DEBUGGER—THE BEST OF BOTH WORLDS
  5.1 Installing Immunity Debugger
  5.2 Immunity Debugger 101
    5.2.1 PyCommands
    5.2.2 PyHooks
  5.3 Exploit Development
    5.3.1 Finding Exploit-Friendly Instructions
    5.3.2 Bad-Character Filtering
    5.3.3 Bypassing DEP on Windows
  5.4 Defeating Anti-Debugging Routines in Malware
    5.4.1 IsDebuggerPresent
    5.4.2 Defeating Process Iteration

6 HOOKING
  6.1 Soft Hooking with PyDbg
  6.2 Hard Hooking with Immunity Debugger

7 DLL AND CODE INJECTION
  7.1 Remote Thread Creation
    7.1.1 DLL Injection
    7.1.2 Code Injection
  7.2 Getting Evil
    7.2.1 File Hiding
    7.2.2 Coding the Backdoor
    7.2.3 Compiling with py2exe

8 FUZZING
  8.1 Bug Classes
    8.1.1 Buffer Overflows
    8.1.2 Integer Overflows
    8.1.3 Format String Attacks
  8.2 File Fuzzer
  8.3 Future Considerations
    8.3.1 Code Coverage
    8.3.2 Automated Static Analysis

9 SULLEY
  9.1 Sulley Installation
  9.2 Sulley Primitives
    9.2.1 Strings
    9.2.2 Delimiters
    9.2.3 Static and Random Primitives
    9.2.4 Binary Data
    9.2.5 Integers
    9.2.6 Blocks and Groups
  9.3 Slaying WarFTPD with Sulley
    9.3.1 FTP 101
    9.3.2 Creating the FTP Protocol Skeleton
    9.3.3 Sulley Sessions
    9.3.4 Network and Process Monitoring
    9.3.5 Fuzzing and the Sulley Web Interface

10 FUZZING WINDOWS DRIVERS
  10.1 Driver Communication
  10.2 Driver Fuzzing with Immunity Debugger
  10.3 Driverlib—The Static Analysis Tool for Drivers
    10.3.1 Discovering Device Names
    10.3.2 Finding the IOCTL Dispatch Routine
    10.3.3 Determining Supported IOCTL Codes
  10.4 Building a Driver Fuzzer

11 IDAPYTHON—SCRIPTING IDA PRO
  11.1 IDAPython Installation
  11.2 IDAPython Functions
    11.2.1 Utility Functions
    11.2.2 Segments
    11.2.3 Functions
    11.2.4 Cross-References
    11.2.5 Debugger Hooks
  11.3 Example Scripts
    11.3.1 Finding Dangerous Function Cross-References
    11.3.2 Function Code Coverage
    11.3.3 Calculating Stack Size

12 PYEMU—THE SCRIPTABLE EMULATOR
  12.1 Installing PyEmu
  12.2 PyEmu Overview
    12.2.1 PyCPU
    12.2.2 PyMemory
    12.2.3 PyEmu
    12.2.4 Execution
    12.2.5 Memory and Register Modifiers
    12.2.6 Handlers
  12.3 IDAPyEmu
    12.3.1 Function Emulation
    12.3.2 PEPyEmu
    12.3.3 Executable Packers
    12.3.4 UPX Packer
    12.3.5 Unpacking UPX with PEPyEmu
https://jumpshare.com/v/xFLx3MTm0AISnUawymbO