Muutke küpsiste eelistusi

Foundations of Linux Debugging, Disassembling, and Reversing: Analyze Binary Code, Understand Stack Memory Usage, and Reconstruct C/Cplusplus Code with Intel x64 1st ed. [Pehme köide]

2.00/5 (1 hinnangut Goodreads-ist)
  • Formaat: Paperback / softback, 173 pages, kõrgus x laius: 235x155 mm, kaal: 296 g, 47 Illustrations, black and white; XIV, 173 p. 47 illus., 1 Paperback / softback
  • Ilmumisaeg: 31-Jan-2023
  • Kirjastus: APress
  • ISBN-10: 1484291522
  • ISBN-13: 9781484291528
Teised raamatud teemal:
  • Pehme köide
  • Hind: 53,33 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Tavahind: 62,74 €
  • Säästad 15%
  • Raamatu kohalejõudmiseks kirjastusest kulub orienteeruvalt 2-4 nädalat
  • Kogus:
  • Lisa ostukorvi
  • Tasuta tarne
  • Tellimisaeg 2-4 nädalat
  • Lisa soovinimekirja
Foundations of Linux Debugging, Disassembling, and Reversing: Analyze Binary Code, Understand Stack Memory Usage, and Reconstruct C/Cplusplus Code with Intel x64 1st ed.Suurem pilt
  • Formaat: Paperback / softback, 173 pages, kõrgus x laius: 235x155 mm, kaal: 296 g, 47 Illustrations, black and white; XIV, 173 p. 47 illus., 1 Paperback / softback
  • Ilmumisaeg: 31-Jan-2023
  • Kirjastus: APress
  • ISBN-10: 1484291522
  • ISBN-13: 9781484291528
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781484291528.html
Märksõnad:
Review topics ranging from Intel x64 assembly language instructions and writing programs in assembly language, to pointers, live debugging, and static binary analysis of compiled C and C++ code. This book is ideal for Linux desktop and cloud developers. 





Using the latest version of Debian, youll focus on the foundations of the diagnostics of core memory dumps, live and postmortem debugging of Linux applications, services, and systems, memory forensics, malware, and vulnerability analysis. This requires an understanding of x64 Intel assembly language and how C and C++ compilers generate code, including memory layout and pointers.





This book provides the back­ground knowledge and practical foundations youll need in order to master internal Linux program structure and behavior. It consists of practical step-by-step exercises of increasing complexity with explanations and ample diagrams. Youll also work with the GDB debugger and use it for disassembly and reversing.  





By the end of the book, you will have a solid understanding of how Linux C and C++ compilers generate binary code. In addition, you will be able to analyze such code confidently, understand stack memory usage, and reconstruct original C/C++ code. Foundations of Linux Debugging, Disassembling, and Reversing is the perfect companion to Foundations of ARM64 Linux Debugging, Disassembling, and Reversing for readers interested in the cloud or cybersecurity.



What You'll Learn

Review the basics of x64 assembly language Examine the essential GDB debugger commands for debugging and binary analysis  Study C and C++ compiler code generation with and without compiler optimizations  Look at binary code disassembly and reversing patterns See how pointers in C and C++ are implemented and used



















Who This Book Is ForSoftware support and escalation engineers, cloud security engineers, site reliability engineers, DevSecOps, platform engineers, software testers, Linux C/C++ software engineers and security researchers without Intel x64 assembly language background, beginners learning Linux software reverse engineering techniques, and engineers coming from non-Linux environments.
About the Author ix
About the Technical Reviewer xi
Preface xiii
Chapter 1 Memory, Registers, and Simple Arithmetic
1(18)
Memory and Registers Inside an Idealized Computer
1(1)
Memory and Registers Inside Intel 64-Bit PC
2(1)
"Arithmetic" Project: Memory Layout and Registers
3(2)
"Arithmetic" Project: A Computer Program
5(1)
"Arithmetic" Project: Assigning Numbers to Memory Locations
5(3)
Assigning Numbers to Registers
8(1)
"Arithmetic" Project: Adding Numbers to Memory Cells
8(3)
Incrementing/Decrementing Numbers in Memory and Registers
11(3)
Multiplying Numbers
14(3)
Summary
17(2)
Chapter 2 Code Optimization
19(8)
"Arithmetic" Project: C/C++ Program
19(1)
Downloading GDB
20(1)
GDB Disassembly Output - No Optimization
20(5)
GDB Disassembly Output - Optimization
25(1)
Summary
26(1)
Chapter 3 Number Representations
27(6)
Numbers and Their Representations
27(1)
Decimal Representation (Base Ten)
28(1)
Ternary Representation (Base Three)
29(1)
Binary Representation (Base Two)
29(1)
Hexadecimal Representation (Base Sixteen)
30(1)
Why Are Hexadecimals Used?
30(2)
Summary
32(1)
Chapter 4 Pointers
33(20)
A Definition
33(1)
"Pointers" Project: Memory Layout and Registers
34(2)
"Pointers" Project: Calculations
36(1)
Using Pointers to Assign Numbers to Memory Cells
36(6)
Adding Numbers Using Pointers
42(3)
Incrementing Numbers Using Pointers
45(3)
Multiplying Numbers Using Pointers
48(3)
Summary
51(2)
Chapter 5 Bytes, Words, Double, and Quad Words
53(6)
Using Hexadecimal Numbers
53(1)
Byte Granularity
53(1)
Bit Granularity
54(1)
Memory Layout
55(3)
Summary
58(1)
Chapter 6 Pointers to Memory
59(22)
Pointers Revisited
59(1)
Addressing Types
59(6)
Registers Revisited
65(1)
NULL Pointers
65(1)
Invalid Pointers
65(1)
Variables As Pointers
66(1)
Pointer Initialization
67(1)
Initialized and Uninitialized Data
67(1)
More Pseudo Notation
68(1)
"Memory Pointers" Project: Memory Layout
68(11)
Summary
79(2)
Chapter 7 Logical Instructions and RIP
81(6)
Instruction Format
81(1)
Logical Shift Instructions
82(1)
Logical Operations
82(1)
Zeroing Memory or Registers
83(1)
Instruction Pointer
84(1)
Code Section
85(1)
Summary
86(1)
Chapter 8 Reconstructing a Program with Pointers
87(10)
Example of Disassembly Output: No Optimization
87(3)
Reconstructing C/C++ Code: Part 1
90(2)
Reconstructing C/C++ Code: Part 2
92(1)
Reconstructing C/C++ Code: Part 3
93(1)
Reconstructing C/C++ Code: C/C++ Program
94(1)
Example of Disassembly Output: Optimized Program
95(1)
Summary
96(1)
Chapter 9 Memory and Stacks
97(20)
Stack: A Definition
97(1)
Stack Implementation in Memory v
98(2)
Things to Remember
100(1)
PUSH Instruction
101(1)
POP Instruction
101(1)
Register Review
102(3)
Application Memory Simplified
105(1)
Stack Overflow
105(1)
Jumps
106(2)
Calls
108(2)
Call Stack
110(2)
Exploring Stack in GDB
112(3)
Summary
115(2)
Chapter 10 Frame Pointer and Local Variables
117(12)
Stack Usage
117(1)
Register Review
118(1)
Addressing Array Elements
118(1)
Stack Structure (No Function Parameters)
119(2)
Function Prolog
121(1)
Raw Stack (No Local Variables and Function Parameters)
121(2)
Function Epilog
123(1)
"Local Variables" Project
124(3)
Disassembly of Optimized Executable
127(1)
Summary
128(1)
Chapter 11 Function Parameters
129(10)
"Function Parameters" Project
129(1)
Stack Structure
130(2)
Function Prolog and Epilog
132(1)
Project Disassembled Code with Comments
133(4)
Parameter Mismatch Problem
137(1)
Summary
138(1)
Chapter 12 More Instructions
139(10)
CPU Flags Register
139(1)
The Fast Way to Fill Memory
140(1)
Testing for 0
141(1)
TEST - Logical Compare
142(1)
CMP - Compare Two Operands
143(1)
TEST or CMP?
144(1)
Conditional Jumps
144(1)
The Structure of Registers
145(1)
Function Return Value
146(1)
Using Byte Registers
146(1)
Summary
147(2)
Chapter 13 Function Pointer Parameters
149(12)
"Function Pointer Parameters" Project
149(1)
Commented Disassembly
150(9)
Summary.v
159(2)
Chapter 14 Summary of Code Disassembly Patterns
161(6)
Function Prolog/Epilog
161(3)
LEA (Load Effective Address)
164(1)
Passing Parameters
164(1)
Accessing Parameters and Local Variables
165(1)
Summary
166(1)
Index 167
Dmitry Vostokov is an internationally recognized expert, speaker, educator, scientist, inventor, and author. He is the founder of the pattern-oriented software diagnostics, forensics, and prognostics discipline (Systematic Software Diagnostics), and Software Diagnostics Institute (DA+TA: DumpAnalysis.org + TraceAnalysis.org). Vostokov has also authored books on software diagnostics, anomaly detection and analysis, software and memory forensics, root cause analysis and problem solving, memory dump analysis, debugging, software trace and log analysis, reverse engineering, and malware analysis. He has over 25 years of experience in software architecture, design, development, and maintenance in various industries, including leadership, technical, and people management roles. In his spare time, he presents various topics on Debugging.TV and explores Software Narratology, its further development as Narratology of Things and Diagnostics of Things (DoT), Software Pathology, and Quantum Software Diagnostics. His current interest areas are theoretical software diagnostics and its mathematical and computer science foundations, application of formal logic, artificial intelligence, machine learning, and data mining to diagnostics and anomaly detection, software diagnostics engineering and diagnostics-driven development, diagnostics workflow, and interaction. Recent interest areas also include cloud native computing, security, automation, functional programming, and applications of category theory to software development and big data. He is based out of Dublin, Ireland.