Sockets, Shellcode, Porting, and Coding: Reverse Engineer... und über 1,5 Millionen weitere Bücher verfügbar für Amazon Kindle. Erfahren Sie mehr
EUR 41,68
  • Alle Preisangaben inkl. MwSt.
Nur noch 1 auf Lager (mehr ist unterwegs).
Verkauf und Versand durch Amazon.
Geschenkverpackung verfügbar.
Ihren Artikel jetzt
eintauschen und
EUR 0,50 Gutschein erhalten.
Möchten Sie verkaufen?
Zur Rückseite klappen Zur Vorderseite klappen
Anhören Wird wiedergegeben... Angehalten   Sie hören eine Probe der Audible-Audioausgabe.
Weitere Informationen
Dieses Bild anzeigen

Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals (Englisch) Taschenbuch – 12. April 2005

Alle 2 Formate und Ausgaben anzeigen Andere Formate und Ausgaben ausblenden
Amazon-Preis Neu ab Gebraucht ab
Kindle Edition
"Bitte wiederholen"
"Bitte wiederholen"
EUR 41,68
EUR 32,93 EUR 18,76
10 neu ab EUR 32,93 6 gebraucht ab EUR 18,76

Hinweise und Aktionen

  • Studienbücher: Ob neu oder gebraucht, alle wichtigen Bücher für Ihr Studium finden Sie im großen Studium Special. Natürlich portofrei.

Jeder kann Kindle Bücher lesen — selbst ohne ein Kindle-Gerät — mit der KOSTENFREIEN Kindle App für Smartphones, Tablets und Computer.




The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals: Coding - The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL. Sockets - The technology that allows programs and scripts to communicate over a network is sockets. Even though the theory remains the same communication over TCP and UDP, sockets are implemented differently in nearly ever language. Shellcode - Shellcode, commonly defined as bytecode converted from Assembly, is utilized to execute commands on remote systems via direct memory access. Porting - Due to the differences between operating platforms and language implementations on those platforms, it is a common practice to modify an original body of code to work on a different platforms. This technique is known as porting and is incredible useful in the real world environments since it allows you to not recreate the wheel.

Coding Tools - The culmination of the previous four sections, coding tools brings all of the techniques that you have learned to the forefront. With the background technologies and techniques you will now be able to code quick utilities that will not only make you more productive, they will arm you with an extremely valuable skill that will remain with you as long as you make the proper time and effort dedications. This book contains never before seen chapters on writing and automating exploits on windows systems with all-new exploits. It helps you to perform zero-day exploit forensics by reverse engineering malicious code. It also provides working code and scripts in all of the most common programming languages for readers to use today to defend their networks.

Über den Autor und weitere Mitwirkende

James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Preceding CSC, Foster was the Director of Research and Development for Foundstone Inc. and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. and an adjunct author at Information Security Magazine, subsequent to working as Security Research Specialist for the Department of Defense. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.1 Intrusion Detection (Syngress, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP.NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, Google Hacking for Penetration Techniques (Syngress, ISBN: 1-931836-36-1), and Sockets, Shellcode, Porting and Coding (Syngress ISBN: 1-597490-05-9).

In diesem Buch (Mehr dazu)
Mehr entdecken
Ausgewählte Seiten ansehen
Buchdeckel | Copyright | Inhaltsverzeichnis | Auszug | Stichwortverzeichnis
Hier reinlesen und suchen:


Es gibt noch keine Kundenrezensionen auf
5 Sterne
4 Sterne
3 Sterne
2 Sterne
1 Sterne

Die hilfreichsten Kundenrezensionen auf (beta) 7 Rezensionen
14 von 15 Kunden fanden die folgende Rezension hilfreich
Cut and Paste 24. Juni 2006
Von James Lee - Veröffentlicht auf
Format: Taschenbuch
I purchased <u>Buffer Overflow Attacks</u>, which is also published by Syngress and co-authored by Foster, a couple of months ago. The chapters about shellcode were good and I wanted a deeper explanation. When I saw this book I thought I had found what I was looking for. Unfortunately, the chapters about shellcode are taken straight from BOA. So are the chapter about the xlockmore format string vulnerability and the section in chapter one about InlineEgg.

Additionally, the title says that this book is 'for Security Professionals.' However, the first chapter is devoted to the basics of programming; if someone is unfamiliar with a looping construct, they should not start with a book about shellcode and exploits.

All of this is not to say that <u>Sockets, Shellcode, Porting and Coding</u> is not an excellent book; it is. But with so much cut'n'pasting going on, I find myself reluctant to purchase another book with Foster on the author list.
9 von 10 Kunden fanden die folgende Rezension hilfreich
unique reference 8. Februar 2006
Von Jeff Pike - Veröffentlicht auf
Format: Taschenbuch
I've had this book for about 6 months now. I've read it, and I've worked through about a third of the code samples.

This book starts of with an intro on programming languages that touches on issues relevant to C, C++, Perl, Java, C#, and others that vulnerability researchers might be interested in. The 2nd chapter on NASL (Nessus) scripting is a little sparse, but is suitable for a quick reference.

The next three chapters are devoted to BSD, Windows, and Java sockets respectively. The information provided is good enough to code working sockets in all three. The BSD code samples seem to work okay.

The next two chapters are on writing portable code and portable network programming. These are probably two of the best chapters in this book. If I ever got heavy into vulnerability coding, I'd be referring to these.

The next two chapters are on writing shellcode. These are pretty good chapters. One issue with these chapters is that the author's s-proc program doesn't quite seem to work. This is a utility that prints your shellcode in hex (-p option) or executes the code to test it (-e option). This would come in handy indeed. I have some working shellcode, but I never got it to work with s-proc -e in chapter 9. I e-mailed the author twice, but he did not respond. I subtract one star for that. Still these chapters have some cool ideas for shellcode.

There are three chapters on writing exploits. The first two are kind of a whirlwind tour of traditional exploit issues (format string, stack & heap overflows, integer bugs). The last chapter is an introductory chapter on using Metasploit and an overview of how to write exploits for the framework.

The last two chapters are on writing security components, and writing a security tool. They are Microsoft centric, and I didn't roll up my sleeves and get into these.

This book brings together a lot of information in a single volume. This would make a great reference, for someone who doesn't have books covering all the other subjects. The chapters on porting are probably the most valuable and unique. There are also some really cool ideas in the chapters on shellcode. There are a few other cool things sprinkled throughout. Plenty of code samples; they are available from the publisher for download if you register the book. The index is really pretty good and suitable for reference. I give back the star I previously took away for that. This is nice as a reference and tutorial.
4 von 6 Kunden fanden die folgende Rezension hilfreich
Good book 22. März 2006
Von Joel Esler - Veröffentlicht auf
Format: Taschenbuch Verifizierter Kauf
I personally like this book. It is not for the light of heart, and for those of you that have no idea what the term reverse engineering means. If you have a knowledge of reverse engineering, or have some experience in analyzing binaries. This is an excellent tool.
1 von 2 Kunden fanden die folgende Rezension hilfreich
Good for what it is... 3. August 2007
Von Dean Jones Jr. - Veröffentlicht auf
Format: Taschenbuch
I'd say that most people getting a book like this will already be involved with programming a bit. Enough to know what a socket is, how to write a program that uses sockets, etc... However, I could be wrong.

I guess what I thought was that this book was going to kind of tie everything in together such as "ok, now that you know how to write sockets, we're going to write an exploit that opens a backdoor for you!" However, either I glanced over sections too much, or it just doesn't exist. Each part of the book doesn't seem to have much of a tie in to the next part of the book. Maybe in some small ways, but not by much... To me it seems like a hodge podge book where the authors wanted to 1) Tell you about coding, 2) Teach you basic socket programming, 3) Teach you about porting, 4) Teach you about shellcode and 5) teach you about exploits. In other words, it's almost like 5 separate books that aren't meant to be pressed into a single book except for some very small references to some parts from others...

Now, this doesn't mean this is a bad book. It does teach you what it says it will. It's fairly easy to follow (minus one small error I found) and somewhat in-depth. However, I feel that there are other books that do a better job at the underlying reason why I bought this book... for shellcoding and exploit explanations.

One minor, but confusing and hard to follow error I found in this book is when they have code listings that are line numbered. They're off by a few lines each time they explain it. This is somewhat confusing even to me, but I would catch on and say "Ahh, they mean line 112 instead of 120". For instance on page 428 there is this block of code:

47 shell_addr[0] = (target->shell_addr & 0xffff0000) >> 16;
48 shell_addr[1] target->shell_addr & 0xffff;
50 memset(fmt_string, 0x00, sizeof(fmt_string));
52 for (x=17; x < target->count; x++) {
53 strcat(fmt_string, "%8x");
54 len += 8;
55 }
57 if (shell_addr[1] > shell_addr[0]) {

And in the analysis of the code it states:

"... On lines 49 and 50, the address where the shellcode resides is split and placed into two 16 bit intergers. The stack space is then populated in lines 54 through 57 with %08x..."

This is clearly a mistake. They're about 2 lines off with each of those statements. This isn't the only time this happens in the book. It's pretty much sporadically throughout the book. So, this may get a little confusing to some or just generally annoying to others (like myself) because you have to stop, go back, scratch your head, figure out where it is they're really talking about and then move on reluctantly.

I'd say look into "Hacking: The art of exploitation" and "The Shellcoders Handbook" if you're getting this book to learn about buffer overflows, format string bugs, etc... and the coding, porting and socket programming don't really apply to you. If they do, this is an overall good book, but not really the best.
1 von 2 Kunden fanden die folgende Rezension hilfreich
Rife with errors and inconsistencies 29. Juli 2008
Von Byron Sonne - Veröffentlicht auf
Format: Taschenbuch
Have the Syngress proofreaders fallen asleep on the job?

This book is so full of errors and inaccuracies that it becomes painful to read after a while. Especially the annotated examples, where the line numbers for the code listings often bear no relation to the line numbers listed in the accompanying analysis.

Makes you wonder... what else have they got wrong?

This is 2 books from Syngress I've got that are very poor quality. What's going on guys?

I recommend you wait for the 2nd edition.
Waren diese Rezensionen hilfreich? Wir wollen von Ihnen hören.