چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

Attacking network protocols : a hacker's guide to capture, analysis, and exploitation

Forshaw, James;

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

نویسنده
Forshaw, James;
سال انتشار
۲۰۱۸
فرمت
PDF
زبان
انگلیسی
حجم فایل
۷٫۵ مگابایت
شابک
9781593277505، 9781593278441، 9785970609729، 1593277504، 1593278446، 5970609722

دربارهٔ کتاب

Attacking Network Protocols is a deep dive into network protocol security from James -Forshaw, one of the world's leading bug -hunters. This comprehensive guide looks at networking from an attacker's perspective to help you discover, exploit, and ultimately -protect vulnerabilities. You'll start with a rundown of networking basics and protocol traffic capture before moving on to static and dynamic protocol analysis, common protocol structures, cryptography, and protocol security. Then you'll turn your focus to finding and exploiting vulnerabilities, with an overview of common bug classes, fuzzing, debugging, and exhaustion attacks. Learn how to: - Capture, manipulate, and replay packets - Develop tools to dissect traffic and reverse engineer code to understand the inner workings of a network protocol - Discover and exploit vulnerabilities such as memory corruptions, authentication bypasses, and denials of service - Use capture and analysis tools like -Wireshark and develop your own custom network proxies to manipulate -network traffic Attacking Network Protocols is a must-have for any penetration tester, bug hunter, or developer looking to understand and discover network vulnerabilities. Brief Contents 9 Contents in Detail 11 Foreword 17 Acknowledgments 21 Introduction 23 Why Read This Book? 24 What’s in This Book? 24 How to Use This Book 26 Contact Me 26 Chapter 1: The Basics of Networking 27 Network Architecture and Protocols 27 The Internet Protocol Suite 28 Data Encapsulation 30 Headers, Footers, and Addresses 30 Data Transmission 32 Network Routing 33 My Model for Network Protocol Analysis 34 Final Words 36 Chapter 2: Capturing Application Traffic 37 Passive Network Traffic Capture 38 Quick Primer for Wireshark 38 Alternative Passive Capture Techniques 40 System Call Tracing 40 The strace Utility on Linux 42 Monitoring Network Connections with DTrace 42 Process Monitor on Windows 44 Advantages and Disadvantages of Passive Capture 45 Active Network Traffic Capture 46 Network Proxies 46 Port-Forwarding Proxy 47 SOCKS Proxy 50 HTTP Proxies 55 Forwarding an HTTP Proxy 55 Reverse HTTP Proxy 58 So Which Approach Should You Use? 61 Chapter 3: Network Protocol Structures 63 Binary Protocol Structures 64 Numeric Data 64 Booleans 67 Bit Flags 67 Binary Endian 67 Strings 68 Variable Binary Length Data 73 Dates and Times 75 POSIX/Unix Time 76 Windows FILETIME 76 Tag, Length, Value Pattern 76 Multiplexing and Fragmentation 77 Network Address Information 78 Structured Binary Formats 79 Text Protocol Structures 80 Numeric Data 81 Text Booleans 81 Dates and Times 81 Variable-Length Data 82 Structured Text Formats 82 Encoding Binary Data 85 Hex Encoding 85 Base64 86 Final Words 88 Chapter 4: Advanced Application Traffic Capture 89 Rerouting Traffic 90 Using Traceroute 90 Routing Tables 91 Configuring a Router 92 Enabling Routing on Windows 93 Enabling Routing on *nix 93 Network Address Translation 94 Enabling SNAT 94 Configuring SNAT on Linux 95 Enabling DNAT 96 Forwarding Traffic to a Gateway 97 DHCP Spoofing 97 ARP Poisoning 100 Final Words 103 Chapter 5: Analysis from the Wire 105 The Traffic-Producing Application: SuperFunkyChat 106 Starting the Server 106 Starting Clients 106 Communicating Between Clients 107 A Crash Course in Analysis with Wireshark 107 Generating Network Traffic and Capturing Packets 109 Basic Analysis 110 Reading the Contents of a TCP Session 111 Identifying Packet Structure with Hex Dump 112 Viewing Individual Packets 113 Determining the Protocol Structure 114 Testing Our Assumptions 115 Dissecting the Protocol with Python 116 Developing Wireshark Dissectors in Lua 121 Creating the Dissector 124 The Lua Dissection 125 Parsing a Message Packet 126 Using a Proxy to Actively Analyze Traffic 129 Setting Up the Proxy 129 Protocol Analysis Using a Proxy 131 Adding Basic Protocol Parsing 133 Changing Protocol Behavior 134 Final Words 136 Chapter 6: Application Reverse Engineering 137 Compilers, Interpreters, and Assemblers 138 Interpreted Languages 138 Compiled Languages 139 Static vs. Dynamic Linking 139 The x86 Architecture 140 The Instruction Set Architecture 140 CPU Registers 142 Program Flow 144 Operating System Basics 145 Executable File Formats 145 Sections 146 Processes and Threads 146 Operating System Networking Interface 147 Application Binary Interface 149 Static Reverse Engineering 151 A Quick Guide to Using IDA Pro Free Edition 151 Analyzing Stack Variables and Arguments 154 Identifying Key Functionality 155 Dynamic Reverse Engineering 160 Setting Breakpoints 161 Debugger Windows 161 Where to Set Breakpoints? 163 Reverse Engineering Managed Languages 163 .NET Applications 163 Using ILSpy 164 Java Applications 167 Dealing with Obfuscation 169 Reverse Engineering Resources 170 Final Words 170 Chapter 7: Network Protocol Security 171 Encryption Algorithms 172 Substitution Ciphers 173 XOR Encryption 174 Random Number Generators 175 Symmetric Key Cryptography 175 Block Ciphers 176 Block Cipher Modes 178 Block Cipher Padding 181 Padding Oracle Attack 182 Stream Ciphers 184 Asymmetric Key Cryptography 185 RSA Algorithm 186 RSA Padding 188 Diffie–Hellman Key Exchange 188 Signature Algorithms 190 Cryptographic Hashing Algorithms 190 Asymmetric Signature Algorithms 191 Message Authentication Codes 192 Public Key Infrastructure 195 X.509 Certificates 195 Verifying a Certificate Chain 196 Case Study: Transport Layer Security 198 The TLS Handshake 198 Initial Negotiation 199 Endpoint Authentication 200 Establishing Encryption 201 Meeting Security Requirements 202 Final Words 204 Chapter 8: Implementing the Network Protocol 205 Replaying Existing Captured Network Traffic 206 Capturing Traffic with Netcat 206 Using Python to Resend Captured UDP Traffic 208 Repurposing Our Analysis Proxy 209 Repurposing Existing Executable Code 214 Repurposing Code in .NET Applications 215 Repurposing Code in Java Applications 219 Unmanaged Executables 221 Encryption and Dealing with TLS 226 Learning About the Encryption In Use 226 Decrypting the TLS Traffic 227 Final Words 232 Chapter 9: The Root Causes of Vulnerabilities 233 Vulnerability Classes 234 Remote Code Execution 234 Denial-of-Service 234 Information Disclosure 235 Authentication Bypass 235 Authorization Bypass 235 Memory Corruption Vulnerabilities 236 Memory-Safe vs. Memory-Unsafe Programming Languages 236 Memory Buffer Overflows 236 Out-of-Bounds Buffer Indexing 242 Data Expansion Attack 243 Dynamic Memory Allocation Failures 243 Default or Hardcoded Credentials 244 User Enumeration 244 Incorrect Resource Access 245 Canonicalization 246 Verbose Errors 247 Memory Exhaustion Attacks 248 Storage Exhaustion Attacks 249 CPU Exhaustion Attacks 250 Algorithmic Complexity 250 Configurable Cryptography 252 Format String Vulnerabilities 253 Command Injection 254 SQL Injection 254 Text-Encoding Character Replacement 255 Summary 257 Chapter 10: Finding and Exploiting Security Vulnerabilities 259 Fuzz Testing 260 The Simplest Fuzz Test 260 Mutation Fuzzer 261 Generating Test Cases 261 Vulnerability Triaging 262 Debugging Applications 262 Improving Your Chances of Finding the Root Cause of a Crash 269 Exploiting Common Vulnerabilities 271 Exploiting Memory Corruption Vulnerabilities 272 Arbitrary Memory Write Vulnerability 279 Writing Shell Code 281 Getting Started 282 Simple Debugging Technique 284 Calling System Calls 285 Executing the Other Programs 289 Generating Shell Code with Metasploit 291 Memory Corruption Exploit Mitigations 292 Data Execution Prevention 293 Return-Oriented Programming Counter-Exploit 294 Address Space Layout Randomization (ASLR) 296 Detecting Stack Overflows with Memory Canaries 299 Final Words 302 Network Protocol Analysis Toolkit 303 Passive Network Protocol Capture and Analysis Tools 304 Microsoft Message Analyzer 304 TCPDump and LibPCAP 304 Wireshark 305 Active Network Capture and Analysis 306 Canape 306 Canape CLI 307 Mallory 307 Network Connectivity and Protocol Testing 308 Hping 308 Netcat 308 Nmap 308 Web Application Testing 309 Burp Suite 309 Zed Attack Proxy (ZAP) 310 Mitmproxy 310 Fuzzing, Packet Generation, and Vulnerability Exploitation Frameworks 311 American Fuzzy Lop (AFL) 311 Kali Linux 312 Metasploit Framework 312 Scapy 313 Sulley 313 Network Spoofing and Redirection 313 DNSMasq 313 Ettercap 313 Executable Reverse Engineering 314 Java Decompiler (JD) 314 IDA Pro 315 Hopper 315 ILSpy 316 .NET Reflector 316 Index 319

قیمت نهایی

۴۴٬۰۰۰ تومان