31,19 €
Mehr erfahren.
- Herausgeber: Packt Publishing
- Kategorie: Fachliteratur
- Sprache: Englisch
Shellcoding is a technique that is executed by many red teams and used in penetration testing and real-world attacks. Books on shellcode can be complex, and writing shellcode is perceived as a kind of "dark art." Offensive Shellcode from Scratch will help you to build a strong foundation of shellcode knowledge and enable you to use it with Linux and Windows.
This book helps you to explore simple to more complex examples of shellcode that are used by real advanced persistent threat (APT) groups. You'll get to grips with the components of shellcode and understand which tools are used when building shellcode, along with the automated tools that exist to create shellcode payloads. As you advance through the chapters, you'll become well versed in assembly language and its various components, such as registers, flags, and data types. This shellcode book also teaches you about the compilers and decoders that are used when creating shellcode. Finally, the book takes you through various attacks that entail the use of shellcode in both Windows and Linux environments.
By the end of this shellcode book, you'll have gained the knowledge needed to understand the workings of shellcode and build your own exploits by using the concepts explored.
Das E-Book können Sie in Legimi-Apps oder einer beliebigen App lesen, die das folgende Format unterstützen:
Seitenzahl: 197
Veröffentlichungsjahr: 2022
Ähnliche
Offensive Shellcode from Scratch
Get to grips with shellcode countermeasures and discover how to bypass them
Rishalin Pillay
BIRMINGHAM—MUMBAI
Offensive Shellcode from Scratch
Copyright © 2022 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Group Product Manager: Vijin Boricha
Publishing Product Manager: Shrilekha Malpani
Senior Editor: Arun Nadar
Content Development Editor: Sulagna Mohanty
Technical Editor: Arjun Varma
Copy Editor: Safis Editing
Language Support Editor: Safis Editing
Project Coordinator: Shagun Saini
Proofreader: Safis Editing
Indexer: Tejal Soni
Production Designer: Aparna Bhagat
Marketing Coordinator: Nimisha Dua
First published: May 2022
Production reference: 1090322
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-80324-742-7
www.packt.com
This book is dedicated to Rubleen and Kai. Rubleen, thank you for supporting me through this journey, for all the love you have shown, for being my pillar of support, and for giving me the greatest gift ever – Kai.
I would also like to thank my reviewers, John Stone and Hamza Megahed, for their awesome feedback and support. Last but not least, a big thank you to the real rockstars, my team at Packt, for all their support and awesome work put into developing this book with me.
– Rishalin Pillay
Contributors
About the author
Rishalin Pillay is an offensive cybersecurity expert who holds a number of awards and certifications from multiple companies in the cybersecurity industry. He is well known for his contributions to online learning courses related to red teaming and as the author of the book Learn Penetration Testing. He holds Content Publisher Gold and Platinum awards for his contributions to the cybersecurity industry, including the Event Speaker Gold award for influential public speaking at Tier-1 business events.
About the reviewers
Hamza Megahed is a seasoned information security professional with more than 10 years of experience in penetration testing, security research, threat hunting, and providing security training to both the private and public sectors. He holds a BSc. in computer and system engineering along with many professional certificates, including CISSP, CISM, GXPN, eCRE, eWAPTX, and CRTP. He is the author of Penetration Testing with Shellcode.
John Stone officially started his career in infosec in 2002. From blue to red teaming and some colors in between, John has had varied roles during his career, also up and down the stack, from deep technical implementations to running a security business line. His experience has been built up across various sectors, such as financial services, retail, digital natives, telecommunications, and manufacturing. Apart from various security certifications, John also has a background in data science and is rumored to have once upon a time even been an MSCE on NT. John currently works in the CISO team of a large tech provider.
Table of Contents
Preface
Section 1: Shellcode
Chapter 1: The Ins and Outs of Shellcode
What is shellcode?
Examples of shellcode
Shellcode versus a payload
Breaking down shellcode
Exploring the common types of shellcode
Local shellcode
Remote shellcode
Summary
Further reading
Chapter 2: Assembly Language
Technical requirements
Demystifying assembly language
Types of assembly language
Identifying the elements of assembly language
Registers and flags
Data movement instructions
Arithmetic instructions
Conditional instructions
Summary
Further reading
Chapter 3: Shellcode Tools and Resources
Technical requirements
Interpreters, compilers, and assemblers
Interpreters
Compilers
Interpreters versus compilers
Assemblers
Tools and resources for developing shellcode
Netwide Assembler (NASM)
Microsoft Assembler (MASM)
Visual Studio
GNU Compiler
IDA Pro
x64dbg
Shellcode creation tools
Online shellcode resources
Summary
Section 2: Writing Shellcode
Chapter 4: Developing Shellcode for Windows
Technical requirements
Environment setup
Installing Mona
Anatomy of memory
Shellcode techniques
Buffer overflow attacks
Backdooring PE files with shellcode
Egg hunter
Summary
Further reading
Chapter 5: Developing Shellcode for Linux
Technical requirements
Environment setup
Executable and Linking Format (ELF) fundamentals
Shellcode techniques
Basic Linux shellcode
Egg hunter shellcode
Reverse TCP shellcode
Writing shellcode for x64
Format string vulnerabilities
Summary
Further reading
Section 3: Countermeasures and Bypasses
Chapter 6: Countermeasures and Bypasses
Technical requirements
Countermeasures and bypasses for Windows
Address space layout randomization
Data execution prevention
Stack cookies
Structured exception handling
Countermeasures and bypasses for Linux
NoExecute
Address space layout randomization
Relocation read only
Summary
Further reading
Why subscribe?
Other Books You May Enjoy
Section 1: Shellcode
This section focuses on getting you familiar with shellcode, the various components of shellcode, and more importantly, how shellcode can be used in penetration testing.
This part of the book comprises the following chapters:
Chapter 1, The Ins and Outs of ShellcodeChapter 2, Assembly LanguageChapter 3, Shellcode Tools and Resources
