Cargando…

Penetration Testing with Shellcode : Detect, exploit, and secure network-level and operating system vulnerabilities.

Chapter 3: Assembly Language in Linux; Assembly language code structure; Data types; Hello world; Stack; Data manipulation; The mov instruction ; Data swapping; Load effective address; Arithmetic operations; Loops; Controlling the flow; Procedures; Logical operations ; Bitwise operations; Bit-...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Megahed, Hamza
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham : Packt Publishing, 2018.
Temas:
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Cover; Title Page; Copyright and Credits; Packt Upsell; Contributors; Table of Contents; Preface; Chapter 1: Introduction; What is a stack?; What is a buffer?; What is stack overflow?; What is a heap?; What is heap corruption?; Memory layout; What is shellcode?; Computer architecture; Registers; General purpose registers; Instruction pointer; Segment registers; Endianness; System calls; What are syscalls?; Summary; Chapter 2: Lab Setup; Configuring the attacker machine; Configuring Linux victim machine; Configuring Windows victim machine; Configuring Ubuntu for assembly x86; Networking.
  • The jmp-call technique The stack technique ; The execve syscall; TCP bind shell; Reverse TCP shell; Generating shellcode using Metasploit; Summary ; Chapter 6: Buffer Overflow Attacks; Stack overflow on Linux; Stack overflow on Windows; Summary; Chapter 7: Exploit Development â#x80;#x93; Part 1; Fuzzing and controlling instruction pointer; Using Metasploit Framework and PEDA; Injecting shellcode; A complete example of buffer overflow; Summary; Chapter 8: Exploit Development â#x80;#x93; Part 2; Injecting shellcode; Return-oriented programming; Structured exception handling; Summary.
  • Chapter 9: Real-World Scenarios â#x80;#x93; Part 1Freefloat FTP Server; Fuzzing ; Controlling the instruction pointer; Injecting shellcode ; An example; Summary ; Chapter 10: Real-World Scenarios â#x80;#x93; Part 2; Sync Breeze Enterprise; Fuzzing; Controlling the instruction pointer; Injecting shell code ; Summary ; Chapter 11: Real-World Scenarios â#x80;#x93; Part 3; Easy File Sharing Web Server; Fuzzing ; Controlling SEH; Injecting shellcode ; Summary ; Chapter 12: Detection and Prevention; System approach; Compiler approach ; Developer approach ; Summary; Other Books You May Enjoy; Index.