Sockets, Shellcode, Porting & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals
- 10h 57m
- James C. Foster, Mike Price
- Elsevier Science and Technology Books, Inc.
- 2005
Elite Programming Techniques Demystified In this groundbreaking book, best-selling author James C. Foster reveals for the first time the methods hackers use to attack and exploit the core components of operating systems and their applications. He provides working code and scripts in C/C++, Java, Perl, and NASL to detect and defend against the most dangerous attacks. The book covers in detail the five most important disciplines for security professionals and software developers: Coding, Sockets, Shellcode, Porting Applications, and Coding Security Tools.
- Download the Code All code lines throughout the book are numbered for easy reference
- Develop Shellcode Customize and optimize never-before-seen shellcode that can exploit almost any system.
- Port Public Exploits Follow step-by-step instructions for porting exploits to work on Windows, Linux, UNIX, and even Macs!
- Customize Windows COM Objects Wrap and automate pre-compiled exploits and security tools such as Nmap, netcat, and hping.
- Enhance Nikto Develop customized code to dramatically improve the performance of the Nikto Web server scanner.
- Reverse Engineer Zero Days Learn to reverse engineer, modify, and re-automate Zero-Day exploit code.
- Write NASL Scripts Develop scripts for Nessus to discover the latest vulnerabilities.
- Identify and Target Vulnerabilities Examine case studies that reveal how attackers identify and exploit security holes.
- Master Sockets Detailed code examples demonstrate socket initialization, closing sockets, reading and writing data.
About the Authors
James C. Foster, Fellow is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation, where he is responsible for the vision and development of physical, personnel, and data security solutions. Prior to CSC, Foster was the Director of Research and Development for Foundstone Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. (acquired by Verisign) and an adjunct author at Information Security magazine (acquired by TechTarget), subsequent to working as a Security Research Specialist for the Department of Defense. With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations.
Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, Black Hat USA, Black Hat Windows, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been sited in USAToday, Information Security magazine, Baseline, Computerworld, Secure Computing, and the MIT Technologist. Foster holds an A.S., B.S., MBA and numerous technology and management certifications and has attended or conducted research at the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania’s Wharton School of Business.
Foster is also a well-published author with multiple commercial and educational papers. He has authored, contributed, or edited for major publications, including Snort 2.1 Intrusion Detectio (Syngress Publishing, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP.NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, and Google Hacking for Penetration Techniques, (Syngress, ISBN: 1-931836-36-1).
Michael Price is a Principal Research and Development Engineer for McAfee (previously Foundstone, Inc.) and a seasoned developer within the information security field. On the services side, Mike has conducted numerous security assessments, code reviews, training, software development, and research for government and private sector organizations. At Foundstone, Mike’s responsibilities include vulnerability research, network and protocol research, software development, and code optimization. His core competencies include network- and host-based security software development for BSD and Windows platforms. Prior to Foundstone, Mike was employed by SecureSoft Systems, where he was a security software development engineer. Mike has written multiple security programs to include multiple cryptographic algorithm implementations, network sniffers, and host-based vulnerability scanners.
In this Book
-
Sockets, Shellcode, Porting & Coding—Reverse Engineering Exploits and Tool Coding for Security Professionals
-
Foreword
-
Security Coding
-
NASL Scripting
-
BSD Sockets
-
Windows Sockets (Winsock)
-
Java Sockets
-
Writing Portable Code
-
Chapter 7: Portable Network Programming
-
Writing Shellcode I
-
Writing Shellcode II
-
Writing Exploits I
-
Writing Exploits II
-
Chapter 12: Writing Exploits III
-
Writing Security Components
-
Creating a Web Security Tool