Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals

James C Foster (Author)

9781597490054, Elsevier Science

Paperback / softback, published 26 April 2005

696 pages
22.9 x 15.2 x 4.2 cm, 0.98 kg

The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:

1. Coding – The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL.

2. Sockets – The technology that allows programs and scripts to communicate over a network is sockets. Even though the theory remains the same – communication over TCP and UDP, sockets are implemented differently in nearly ever language.

3. Shellcode – Shellcode, commonly defined as bytecode converted from Assembly, is utilized to execute commands on remote systems via direct memory access.

4. Porting – Due to the differences between operating platforms and language implementations on those platforms, it is a common practice to modify an original body of code to work on a different platforms. This technique is known as porting and is incredible useful in the real world environments since it allows you to not “recreate the wheel.?

5. Coding Tools – The culmination of the previous four sections, coding tools brings all of the techniques that you have learned to the forefront. With the background technologies and techniques you will now be able to code quick utilities that will not only make you more productive, they will arm you with an extremely valuable skill that will remain with you as long as you make the proper time and effort dedications.

Section 1 – 0-day Basics Introduction
Security Coding
NASL
Section 2 – Networking 0-Day Code Introduction
BSD Sockets
Winsock
Java Sockets
Section 3 - Shellcode Introduction
Shellcode Techniques
Writing Shellcode
Section 4 – Universal Exploitation Introduction
Writing Portable Code
Writing Portable Network Code
Section 5 - Automation Introduction
Automating Exploits I
Automating Exploits II
Automating Exploits III
Automating Security Components
Automating Identification Tools Appendices: A – Glossary
B - Technical Publications and References
C - Tool and Application Compedium
D - LibWhisker Primer
E - Exploit Archives
F - Useful Syscalls
G - The Complete Data Conversion Table

Subject Areas: Computer security [UR]