Penetration Testing with Shellcode Detect, exploit, and secure network-level and operating system vulnerabilities
Chapter 3: Assembly Language in Linux; Assembly language code structure; Data types; Hello world; Stack; Data manipulation; The mov instruction ; Data swapping; Load effective address; Arithmetic operations; Loops; Controlling the flow; Procedures; Logical operations ; Bitwise operations; Bit-...
| Autor principal: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham :
Packt Publishing
2018.
|
| Colección: | EBSCO Academic eBook Collection.
|
| Acceso en línea: | Conectar con la versión electrónica |
| Ver en Universidad de Navarra: | https://innopac.unav.es/record=b46081148*spi |
Tabla de Contenidos:
- Cover; Title Page; Copyright and Credits; Packt Upsell; Contributors; Table of Contents; Preface; Chapter 1: Introduction; What is a stack?; What is a buffer?; What is stack overflow?; What is a heap?; What is heap corruption?; Memory layout; What is shellcode?; Computer architecture; Registers; General purpose registers; Instruction pointer; Segment registers; Endianness; System calls; What are syscalls?; Summary; Chapter 2: Lab Setup; Configuring the attacker machine; Configuring Linux victim machine; Configuring Windows victim machine; Configuring Ubuntu for assembly x86; Networking.
- The jmp-call technique The stack technique ; The execve syscall; TCP bind shell; Reverse TCP shell; Generating shellcode using Metasploit; Summary ; Chapter 6: Buffer Overflow Attacks; Stack overflow on Linux; Stack overflow on Windows; Summary; Chapter 7: Exploit Development â#x80;#x93; Part 1; Fuzzing and controlling instruction pointer; Using Metasploit Framework and PEDA; Injecting shellcode; A complete example of buffer overflow; Summary; Chapter 8: Exploit Development â#x80;#x93; Part 2; Injecting shellcode; Return-oriented programming; Structured exception handling; Summary.
- Chapter 9: Real-World Scenarios â#x80;#x93; Part 1Freefloat FTP Server; Fuzzing ; Controlling the instruction pointer; Injecting shellcode ; An example; Summary ; Chapter 10: Real-World Scenarios â#x80;#x93; Part 2; Sync Breeze Enterprise; Fuzzing; Controlling the instruction pointer; Injecting shell code ; Summary ; Chapter 11: Real-World Scenarios â#x80;#x93; Part 3; Easy File Sharing Web Server; Fuzzing ; Controlling SEH; Injecting shellcode ; Summary ; Chapter 12: Detection and Prevention; System approach; Compiler approach ; Developer approach ; Summary; Other Books You May Enjoy; Index.
