6 posts tagged 'REVERSE'

  1. 2010.04.02 Computer Security Consulting by CEOinIRVINE
  2. 2009.01.28 Reverse Engineering Books by CEOinIRVINE 1
  3. 2009.01.20 Common Hacking Tools by CEOinIRVINE
  4. 2009.01.08 Reverse Engineering MIT Lecture for High School Students by CEOinIRVINE
  5. 2009.01.06 OllydbgKR.zip by CEOinIRVINE
  6. 2008.12.16 Getting Started Reverse Engineering by CEOinIRVINE

Posted by CEOinIRVINE

Reverse Engineering Books

Hacking 2009. 1. 28. 11:03

Shellcoder’s Programming Uncovered September 15, 2008

Posted by reversengineering in E-BOOK.

Shellcoder’s Programming Uncovered
Author(s):  Kris Kaspersky
Publisher: A-List Publishing
Date     : 2005
Pages    : 500
Format   : CHM
OCR      : Yes
Quality  :
Language : English
ISBN     : 193176946X
How hackers, viruses, and worms attack computers from the Internet and exploit security holes in software is explained in this outline of antivirus software, patches, and firewalls that try in vain to withstand the storm of attacks. Some software’s effectiveness exists only in the imaginations of its developers because they prove unable to prevent the propagation of worms, but this guide examines where security holes come from, how to discover them, how to protect systems (both Windows and Unix), and how to do away with security holes altogether. Unpublished advanced exploits and techniques in both C and Assembly languages are included.

About the Author

Kris Kaspersky is a technical writer and the author of CD Cracking Uncovered, Code Optimization, and Hacker Disassembling Uncovered.

Table of Contents

Shellcoder’s Programming Uncovered
Introduction

Part I - Introduction to Shellcoding
Chapter 1 - Required Tools
Chapter 2 - Assembly Language - Quick Start
Chapter 3 - Hacking Using GPRS Uncovered

Part II - Overflow Errors
Chapter 4 - Buffers Subject to Overflow (Lane of Monsters)
Chapter 5 - Exploiting SEH
Chapter 6 - Specifiers Under Control
Chapter 7 - Practical Overflow Example
Chapter 8 - Searching for Overflowing Buffers
Chapter 9 - Methods of Protecting Buffers Against Overflow

Part III - Secrets of Designing Shellcode
Chapter 10 - Shellcoding Problems
Chapter 11 - The Technique of Writing Portable Shellcode
Chapter 12 - Self-Modification Basics
Chapter 13 - Playing Hide-and-Seek Under Linux
Chapter 14 - Capturing Ring 0 Under Linux
Chapter 15 - Compiling and Decompiling Shellcode

Part IV - Network Worms and Local Viruses
Chapter 16 - Life Cycle of a Worm
Chapter 17 - Local Viruses in the UNIX World
Chapter 18 - Viruses in Scripts
Chapter 19 - ELF Files
Chapter 20 - Method of Capturing Control
Chapter 21 - Main Symptoms of Virus Infection
Chapter 22 - Simplest Windows NT Virus

Part V - Firewalls, Honeypots, and Other Protection Systems
Chapter 23 - Bypassing Firewalls
Chapter 24 - Escaping through the Firewall
Chapter 25 - Organizing a Remote Shell Under UNIX and Windows NT
Chapter 26 - Hackerz Love Honey
Chapter 27 - Sniffing a LAN
Chapter 28 - Databases Under Attack

Part VI - Exotic Objects for Insertion
Chapter 29 - Attacking Bluetooth
Chapter 30 - Economizing on GPRS
Chapter 31 - Legends and Myths about Flashing BIOS
Chapter 32 - Viruses Infecting BIOS
CD Description
List of Figures
List of Tables
List of Listings

http://rapidshare.com/files/145479299/193176946X.chm

If you like this book, buy it.

Reverse Engineering September 15, 2008

Posted by reversengineering in E-BOOK.

Reverse Engineering
Author(s): Linda M. Wills (Editor), Philip Newcomb
Publisher: Springer
Date     : 1996
Pages    : 188
Format   : PDF
OCR      : Y
Quality  :
Language :
ISBN     : 0792397568
Product Description
Reverse Engineering brings together in one place important contributions and up-to-date research results in this important area.
Reverse Engineering serves as an excellent reference, providing insight into some of the most important issues in the field.
Product Details

* Hardcover: 188 pages
* Publisher: Springer (July 31, 1996)
* Language: English
* ISBN-10: 0792397568
* ISBN-13: 978-0792397564
http://rapidshare.com/files/145476429/RevEngin.pdf

Reverse Engineering: An Industrial Perspective September 15, 2008

Posted by reversengineering in E-BOOK.

Reverse Engineering: An Industrial Perspective
Author(s): Vinesh Raja (Editor), Kiran J. Fernandes
Publisher: Springer
Date     : 2007
Pages    : 242
Format   : PDF
OCR      : Y
Quality  :
Language :
ISBN     : 184628855X

Product Description

Reverse engineering is the process of discovering the technological principles of an object or component through analysis of its structure and function. Such analysis can then be used to redesign the object very quickly using computer-aided design in concert with rapid-manufacturing processes to produce small numbers of components adapted to the needs of a particular customer. This way of working has huge benefits of speed and flexibility over traditional mass-production-based design and manufacturing processes.

This edited collection of essays from world-leading academic and industrial authors yields insight into all aspects of reverse engineering:

The methods of reverse engineering analysis are covered, with special emphasis on the investigation of surface and internal structures.

Frequently-used hardware and software are assessed and advice given on the most suitable choice of system.

Rapid prototyping is introduced and its relationship with successful reverse engineering is discussed.

Importantly, legal matters surrounding reverse engineering are addressed as are other barriers to the adoption of these techniques.

Applications of reverse engineering in three significant areas: automotive, aerospace, and medical engineering are reported in depth.

Reverse Engineering is a “must have” title for anyone working with advanced modern manufacturing technologies, either with a view to researching and improving them further or to making their company leaner and more agile in a competitive manufacturing marketplace.

About the Author

Professor Vinesh Raja is a Professorial Fellow in Informatics at the University of Warwick. He is in-charge of the Informatics Group, which encompasses the Virtual Reality Center (VRC) and the Collaborative Product Commerce Center (CPC) at the Warwick Manufacturing Group. He focuses on augmenting and extending everyday, learning and work activities with interactive technologies that move beyond the desktop. This involves designing enhanced user experiences through appropriating and assembling a diversity of technologies including haptics, handheld and pervasive computing. The main focus of his research is not the technology per se but the design and integration of the digital representations that are presented via them to support social and cognitive activities in ways that extend current capabilities.

Dr. Kiran Jude Fernandes is the 40th Anniversary Research Lecturer in Management at the University of York. He has been a pioneer in the systematic study of Information Modelling Techniques and Tools and has studied their evolution using techniques from the Biological Sciences Domain. His research and teaching interests include strategic uses of information systems, information management, and the impact of information technology on the risks and benefits of outsourcing and strategic alliances. Prior to joining the University of York, Kiran worked at the University of Warwick and the NASA John C. Stennis Space Center.
Product Details

* Hardcover: 242 pages
* Publisher: Springer; 1 edition (December 6, 2007)
* Language: English
* ISBN-10: 184628855X
* ISBN-13: 978-1846288555
http://rapidshare.com/files/145474936/Fring.pdf

Exploiting Software_ How to Break Code September 15, 2008

Posted by reversengineering in E-BOOK.

Author(s):  Greg Hoglund, Gary McGraw
Publisher: Addison-Wesley Professional
Date     : 2004
Pages    : 512
Format   : PDF
OCR      : Yes
Quality  :
Language : English
ISBN     : 0201786958

How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems, and antivirus software not keeping out the bad guys?  What tools can be used to break software? This book provides the answers.  Exploiting Software is loaded with examples of real attacks, attack patterns, tools, and  techniques used by bad guys to break software. If you want to protect your software from  attack, you must first learn how real attacks are really carried out.  This must-have book may shock you-and it will certainly educate you. Getting beyond the script kiddie treatment found in many hacking books, you will learn about

* Why software exploit will continue to be a serious problem.
* When network security mechanisms do not work
* Attack patterns
* Reverse engineering
* Classic attacks against server software
* Surprising attacks against client software
* Techniques for crafting malicious input
* The technical details of buffer overflows
* Rootkits

Exploiting Software is filled with the tools, concepts, and knowledge necessary to break software.

Amazon.com
Computing hardware would have no value without software; software tells hardware what to do. Software therefore must have special authority within computing systems. All computer security problems stem from that fact, and Exploiting Software: How to Break Code shows you how to design your software so it’s as resistant as possible to attack. Sure, everything’s phrased in offensive terms (as instructions for the attacker, that is), but this book has at least as much value in showing designers what sorts of attacks their software will face (the book could serve as a checklist for part of a pre-release testing regimen). Plus, the clever reverse-engineering strategies that Greg Hoglund and Gary McGraw teach will be useful in many legitimate software projects. Consider this a recipe book for mayhem, or a compendium of lessons learned by others. It depends on your situation.
PHP programmers will take issue with the authors’ blanket assessment of their language (“PHP is a study in bad security”), much of which seems based on older versions of the language that had some risky default behaviors–but those programmers will also double-check their servers’ register_globals settings. Users of insufficiently patched Microsoft and Oracle products will worry about the detailed attack instructions this book contains. Responsible programmers and administrators will appreciate what amounts to documentation of attackers’ rootkits for various operating systems, and will raise their eyebrows at the techniques for writing malicious code to unused EEPROM chips in target systems. –David Wall

Topics covered: How to make software fail, either by doing something it wasn’t designed to do, or by denying its use to its rightful users. Techniques–including reverse engineering, buffer overflow, and particularly provision of unexpected input–are covered along with the tools needed to carry them out. A section on hardware viruses is detailed and frightening.
http://rapidshare.com/files/145477603/Exploiting_Software_How_to_Break_Code.pdf

Dictionary of Computing September 15, 2008

Posted by reversengineering in E-BOOK.

Dictionary of Computing

Simon Collin, “Dictionary of Computing”
Bloomsbury Reference | PDF | 385 Pages | 5 MB

Book Description :

The more than 10,000 entries in this computer reference provide comprehensive coverage of computer terms, including those related to hardware and software applications, programming languages, networks and communications, the Internet, and e-commerce. Quotations from computer magazines and newspapers offer examples of usage in this updated edition.

DownloadLink: http://rapidshare.com/files/145481220/dictionary_of_computing.rar

using softice September 15, 2008

Posted by reversengineering in E-BOOK.

http://letitbit.net/download/716607626683/usingice.pdf.html


Common Hacking Tools

Hacking 2009. 1. 20. 04:12
For those who are unable to find a non-updating launcher, the file to decompile the system.mrs, the BruteCRC32, and the Hash Tab set-up.


OllydbgKR.zip

Hacking 2009. 1. 6. 06:59


As engineers and computer folks, we all like to figure out how things work. We just can't leave well enough alone; we have to poke and prod at things until we can see exactly how the implementers did it. While we sometimes pull things apart just out of curiosity, sometimes we have to get in there and figure out how something was done so that we can take advantage of a feature or work around a bug in the implementation. Reverse engineering allows us to peel the layers of engineering back one at a time until we can see enough information to understand how the item works.

For some odd reason, I've spent a good bit of time in my career figuring out how other people did things. In this column, I want to discuss how you can get started with your own reverse engineering tasks. I'll start out with the biggest mistakes that most people make when reverse engineering. Finally, it takes quite a bit of knowledge to become really good at reverse engineering, so I'll point out the areas where you can study to learn more. In my next column, I'll go through a real-life example of something I reverse engineered so you can see the thought process in action.

Before we get started, I have to discuss a bit about the legal ramifications of reverse engineering. Most of your software licenses have clauses in them saying you are not supposed to do any reverse engineering. What I discuss in this column might cause you to break those licenses. Therefore, caveat emptor, buyer beware. If a software manufacturer does sue you, you cannot hold me responsible, as I am giving you plenty of warning. I am not a lawyer, so check with your own legal counsel before you proceed. The final note about reverse engineering is that it can make your life very difficult in future releases of your product. While you might figure out how something works internally, if you rely on that internal knowledge in your product, you can easily break the next time the operating system or third party product you integrate changes. You should never rely on hacks you figured out through reverse engineering unless you are prepared to spend a considerable amount of time re-reverse engineering each time a new release comes out. Operating system writers and third party vendors spend a considerable amount of time working on documented interfaces for you to use. If you circumvent them, you can pay an exorbitant price down the road. They are not called undocumented interfaces or techniques for nothing!

The Big Mistakes

The best way to show the first mistake is to start out with the first two lines of an email I received recently: "I need to figure out how Word does word wrapping with variable pitched fonts. How do I start?" The mistake is that people think they can reverse engineer their way to an algorithmic design for their product. I'm sure that if you were given enough resources and infinite time, you could probably figure it out. However, you would spend the remainder of your 30+-year career looking at the same four billion assembly language instructions. Reverse engineering will never take the place of designing your application.

The second, and most common, mistake is that people try to reverse engineer far more than they should. It's the age-old case of biting off more than you can chew. To successfully reverse engineer, you need to have a clear and concise goal. My rule of thumb is to never embark on a reverse engineering task unless I feel it's solvable in less than a day or two. It's just not worth the effort to reverse engineer something for several weeks when you could spend a couple of days designing around the problem or issue right up front.

What You Have To Know

While most people think being an assembly language programming god is the first step to reverse engineering, it really isn't. It helps quite a bit, but I've figured out how many things work without ever cracking a disassembler. The most important thing when reverse engineering is to step back and figure out how you would implement the functionality you are reverse engineering. By writing out the algorithm you would use to solve a problem, you can many times "see" very quickly how something works.

An excellent example is when I needed to figure out how compiled VB binaries and p-code VB binaries called into the VB run time, MSVBVM60.DLL. My first thought was that if I were responsible for designing the VB run time, I would want the interfaces to be the same no matter how the VB code was compiled. That way I would have only one way of testing interface calling. I had heard that p-code executes directly and is not run through a Just-In-Time (JIT) compilation process. Therefore, the p-code calls would have to go through some "thunk" to call the run time. In scripting languages, thunks allow the scripting language to call into actual CPU code. The interesting thing with thunks is that they are allocated memory that the programmer has the CPU instruction pointer jump to. With this thought, I figured that if I were writing the compiled VB portions, I would use the same technique.

When I was going through this thought process, I never once used the debugger or looked at a disassembly. In essence, I was making a hypothesis. The good old scientific method proves itself yet again. Armed with my hypothesis on how VB made the calls, I loaded up one native compiled application and one p-code compiled application into two debuggers. I set a breakpoint on rtcBeep exported from MSVBVM60.DLL because I guessed that the VB intrinsic function, Beep, must call down into rtcBeep. When each compiled program stopped on rtcBeep, I looked up the call stack at the calling function. The Call Stack window showed that the address for the caller did not have symbols. I then checked the address of the memory against the Modules dialog and noticed the address of the memory did not appear in any of the loaded modules. I then went through the same process with the p-code compiled application, so I could verify my hypothesis again. Therefore, the memory containing the thunk callers came from allocated memory, and native compiled and p-code compiled VB both called through thunks the same way. It didn't take any knowledge of assembly language to figure out the solution, just a hypothesis on how I would have implemented the functionality if I were to write it, and a way to verify that hypothesis.

As you can see from the previous discussion, it also helps to have an idea how different problems can be solved using the facilities provided by the operating system. In the Windows world, that means knowing how Windows itself works. The first book you need to read cover to cover is Charles Petzold's Programming Windows. Charles covers the basics of Windows and shows you how it all fits together. Fundamentally, Windows is a simple messaging-based system, and if you know messaging like the back of your hand, you will have a much better chance at figuring out how to approach various reverse engineering challenges. You will learn more about Windows if you sit down and write Notepad in straight C than almost anything else. The second book you need to read from cover to cover is Jeffrey Richter's Programming Applications for Windows. Once you understand the fundamentals of Windows, Jeffrey's book will get you up to speed on things like memory management and DLLs. Once you have a good grasp of those two technologies, you will be able to see how many problems in Windows get solved. Depending on what you are doing, a few other books might be useful as well. David Solomon and Mark Russinovich's Inside Windows 2000 can give you insight as to how Windows 2000 works at the kernel level. If you want to learn how to take advantage of the debugger, my own Debugging Applications can show you how to do advanced things with the Visual C++ debugger.

As much as you would like to avoid it, you do need to know assembly language in order to do the most advanced reverse engineering. There are still a few books floating around on how to program Intel x86 assembly language. The one I used to learn with was Mastering Turbo Assembler by Tom Swan, which I am sure is out of print. Assembly language is still taught at the college level, so there are good learning books out there. In order to learn assembly language, you should look at using the Microsoft Assembler (MASM), which is available with your Universal MSDN subscription, to write either a few simple programs or a DLL with some routines in it. You don't have to get super proficient at assembly language; you just need to be able to read it.

What You Have To Use

After reading the books, you need to start developing your toolkit. There are many tools you can use, but I thought I would list the tools that I have purchased or acquired and that I move from machine to machine when reverse engineering. I'll start out with the free products and work my way to the commercial products.

PEDUMP

Matt Pietrek wrote PEDUMP and it's available on the MSDN CD or MSDN Online. PEDUMP dumps all the information about a Portable Executable (PE) binary. You can get the same output with DUMPBIN from Visual Studio, but I like the format of PEDUMP better. When looking for imported and exported functions, you need PEDUMP.

REGMON and FILEMON

Mark Russinovich wrote both REGMON and FILEMON, which are free and downloadable from www.sysinternals.com. REGMON monitors and completely reports all registry access on your computer. FILEMON monitors all disk and file accesses on your computer. Both of these tools allow you to easily see who's doing what to whom. One time I purchased a product that was downloadable and as a challenge, I wanted to see if I could break their registration scheme before I entered my valid, purchased ID. A total of two minutes with REGMON and I broke the scheme.

DEPENDS

The DEPENDS program from the Platform SDK reports all imported functions used by a program. You can even run an application under DEPENDS and see what functions it acquires through GetProcAddress. DEPENDS is the tool for monitoring what exports are used out of a DLL.

BoundsChecker

BoundsChecker is a commercial error detection tool from Compuware/NuMega. You can get more information about BoundsChecker by visiting www.numega.com. What many people don't realize about BoundsChecker is that it will monitor and record each and every API call a program makes and show them in the wonderful Event view. What makes it even more interesting is that BoundsChecker will record the complete parameter information and function return values as well. While you can't see into the APIs, BoundsChecker makes it quite easy to see which API functions an algorithm called to get the work done. When I worked at NuMega, one of the demos we had was to show how the Solitaire game did the card magic at the end of the game.

SoftICE

SoftICE is also a commercial product from Compuware/NuMega. When you think of reverse engineering in Windows, SoftICE is right there because it's used by more people to reverse engineer things than anything else. I described how to get started with SoftICE in a previous column so you can turn there to get an idea how to use it. What I've always found amusing is that SoftICE is one of the most heavily pirated pieces of software around today. The beauty of SoftICE is that it allows you to see anywhere and everywhere, as well as get more information about the operating system than anything else.

A Disassembler

The final tool you need for larger reverse engineering chores is a disassembler. You already have one with the -DISASM switch to DUMPBIN. What makes DUMPBIN a little more useable is that it will use any symbols it can find so you can get more information. What you will probably want to do is to write a Perl script to process the output to make it more readable. While you can always use the debugger's Disassembly window, you sometimes need the disassembly in a text file.
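The kind of post-processing script suggested above, as an added example written in Python rather than Perl (it is not code from the original column). It assumes the usual `address: bytes  mnemonic operands` line layout of DUMPBIN's disassembly text; the listing in `SAMPLE` and all function names are constructed for illustration.

```python
import re

# Constructed sample in the assumed layout of DUMPBIN -DISASM text output.
SAMPLE = """\
_check:
  00401000: 55                 push        ebp
  00401001: 8B EC              mov         ebp,esp
  00401003: 83 7D 08 00        cmp         dword ptr [ebp+8],0
  00401007: 74 0C              je          00401015
  00401009: C7 05 00 30 40 00  mov         dword ptr ds:[00403000h],1
            01 00 00 00
  00401013: EB 02              jmp         00401017
  00401015: 33 C0              xor         eax,eax
  00401017: 5D                 pop         ebp
  00401018: C3                 ret
"""

INSN = re.compile(r"^\s+([0-9A-F]{8}):\s((?:[0-9A-F]{2}\s)+)\s*(\S+)\s*(.*)$")
CONT = re.compile(r"^\s+[0-9A-F]{2}(?:\s[0-9A-F]{2})*\s*$")  # wrapped opcode bytes
SYMBOL = re.compile(r"^(\S+):\s*$")                          # e.g. "_check:"
TARGET = re.compile(r"^[0-9A-F]{8}$")                        # bare branch address


def parse(text):
    """Return one dict per instruction: addr, size, mnemonic, operands, symbol."""
    insns, pending_symbol = [], None
    for line in text.splitlines():
        m = INSN.match(line)
        if m:
            insns.append({"addr": int(m.group(1), 16),
                          "size": len(m.group(2).split()),
                          "mnemonic": m.group(3),
                          "operands": m.group(4).strip(),
                          "symbol": pending_symbol})
            pending_symbol = None
        elif insns and CONT.match(line):
            insns[-1]["size"] += len(line.split())  # bytes continued on next line
        elif SYMBOL.match(line):
            pending_symbol = SYMBOL.match(line).group(1)
    return insns


def check_contiguous(insns):
    """Addresses whose byte count does not reach the next address (parse errors or gaps)."""
    return [cur["addr"] for cur, nxt in zip(insns, insns[1:])
            if cur["addr"] + cur["size"] != nxt["addr"]]


def is_branch(insn):
    m = insn["mnemonic"]
    return ((m.startswith("j") or m.startswith("loop") or m == "call")
            and TARGET.match(insn["operands"]) is not None)


def render(text):
    """Drop raw opcode bytes and replace in-listing branch targets with labels."""
    insns = parse(text)
    known = {i["addr"] for i in insns}
    names = {i["addr"]: i["symbol"] for i in insns if i["symbol"]}
    for i in insns:
        if is_branch(i):
            t = int(i["operands"], 16)
            if t in known:  # targets outside the listing keep their raw address
                names.setdefault(t, f"loc_{t:08X}")
    out = []
    for i in insns:
        if i["addr"] in names:
            out.append(f"{names[i['addr']]}:")
        ops = i["operands"]
        if is_branch(i):
            ops = names.get(int(ops, 16), ops)
        out.append(f"    {i['mnemonic']:<8}{ops}".rstrip())
    return "\n".join(out)


if __name__ == "__main__":
    print(render(SAMPLE))
```
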

Wrap Up

I hope I've given you an idea on how to get started with your reverse engineering challenges and how to deploy it properly. It's a big commitment to reverse engineer something so use it only when you have no other choice. In my next column, I'll apply the lessons and reverse engineer a few things in the operating system so you can see how they work.
