
E-book: Reverse Engineering Code with IDA Pro

  • Format: PDF+DRM
  • Publication date: 18-Apr-2011
  • Publisher: Syngress Media,U.S.
  • Language: eng
  • ISBN-13: 9780080558790
  • Price: 40,74 €*
  • * the price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (this is a free application designed specifically for reading e-books. It should not be confused with Adobe Reader, which is probably already installed on your computer)

    This e-book cannot be read on an Amazon Kindle.

If you want to master the art and science of reverse engineering code with IDA Pro for security R&D or software debugging, this is the book for you. Highly organized and sophisticated criminal entities are constantly developing more complex, obfuscated, and armored viruses, worms, Trojans, and botnets. IDA Pro’s interactive interface and programmable development language provide you with complete control over code disassembly and debugging. This is the only book which focuses exclusively on the world’s most powerful and popular tool for reverse engineering code.
*Reverse Engineer REAL Hostile Code
To follow along with this chapter, you must download a file called !DANGER!INFECTEDMALWARE!DANGER!... ‘nuff said.
*Download the Code!
The companion Web site to this book offers up really evil code for you to reverse engineer and really nice code for you to automate tasks with the IDC Scripting Language.
*Portable Executable (PE) and Executable and Linking Formats (ELF)
Understand the physical layout of PE and ELF files, and analyze the components that are essential to reverse engineering.
*Break Hostile Code Armor and Write your own Exploits
Understand execution flow, trace functions, recover hard coded passwords, find vulnerable functions, backtrace execution, and craft a buffer overflow.
*Master Debugging
Debug in IDA Pro, use a debugger while reverse engineering, perform heap and stack access modification, and use other debuggers.
*Stop Anti-Reversing
Anti-reversing, like reverse engineering or coding in assembly, is an art form. The trick of course is to try to stop the person reversing the application. Find out how!
*Track a Protocol through a Binary and Recover its Message Structure
Trace execution flow from a read event, determine the structure of a protocol, determine if the protocol has any undocumented messages, and use IDA Pro to determine the functions that process a particular message.
*Develop IDA Scripts and Plug-ins
Learn the basics of IDA scripting and syntax, and write IDC scripts and plug-ins to automate even the most complex tasks.
  • Introduction
      • An Overview of Code Debuggers
      • Summary
  • Assembly and Reverse Engineering Basics
      • Introduction
      • Assembly and the IA-32 Processor
      • The Stack, the Heap and Other Sections of a Binary Executable
      • IA-32 Instruction Set Refresher and Reference
      • Summary
  • Portable Executable and Executable and Linking Formats
      • Introduction
      • Portable Executable Format
      • Executable and Linking Format
      • Summary
  • Walkthroughs One and Two
      • Introduction
      • Following Execution Flow
          • Reversing What the Binary Does
          • The Processing Subroutine
      • Solutions Fast Track
      • Frequently Asked Questions
  • Debugging
      • Introduction
      • Debugging Basics
          • Breakpoints
          • Hardware Breakpoints
          • Software Breakpoints
          • Using Breakpoints
          • Single Stepping
          • Watches
          • Exceptions
          • Tracing
      • Debugging in IDA Pro
      • Use of Debugging while Reverse Engineering
      • Heap and Stack Access and Modification
      • Other Debuggers
          • Windbg
          • Ollydbg
          • Immunity Debugger (Immdbg)
          • PaiMei/PyDbg
          • GDB
      • Summary
  • Anti-Reversing
      • Introduction
      • Debugging
      • Example Overview
      • Obfuscation
      • Summary
  • Walkthrough Four
      • The Protocol Problem
      • Protocol Structure
          • Framing and Reassembly
          • Self Similarity
          • Hit Marking
          • Example Hitlist
  • Advanced Walkthrough
      • Introduction
      • Reversing Malware
  • IDA Scripting and Plug-ins
      • Introduction
      • Basics of IDA Scripting
      • IDC Syntax
          • Output
          • Variables
          • Conditionals
          • Loops
          • Functions
          • Local and Global Scope
          • Global Variables
      • Simple Script Examples
      • Writing IDC Scripts
          • Problem solving with IDC
          • The Problem
          • Problem Background
          • Proposed solution
          • Possible Improvements
          • New IDC Debugger Functionality
          • Useful IDC Functions
          • Reading and Writing Memory
          • Cross References
          • Code Xrefs
          • Data Xrefs
          • Data Representation
          • Comments
          • Code Traversal
          • Input and Output
      • Basics of IDA Plug-ins
          • Module/Plug-in Resources
          • Introducing the IDA Pro SDK
          • SDK Layout
      • Plug-in Syntax
      • Setting up the Development Environment
      • Simple Plug-in Examples
          • The Hello World Plug-in
          • The find memcpy Plug-in
          • Collecting Data
          • Displaying Data
          • Conclusion
      • The Indirect Call Plug-in
          • Collecting Data
          • User Interface
          • Implementing the Callback
          • dbg_bpt
          • dbg_step_into
          • dbg_process_exit
          • Presenting Results
      • Plug-in Development and Debugging Strategies
          • Create a new IDA Development Directory
          • Editing Configuration Files
          • Using an Unpacked Database
          • Enabling Exit without Saving
          • Plug-in Arguments
          • Scripting to Help Plug-in Development
      • Loaders
      • Processor Modules
      • Third-party Scripting Plug-ins
          • IDAPython
          • Supported Platforms
          • IDARub
      • Frequently Asked Questions
  • Index
Dan Kaminsky is the Director of Penetration Testing for IOActive. Previously of Cisco and Avaya, Dan has been operating professionally in the security space since 1999. He is best known for his "Black Ops" series of talks at the well-respected Black Hat Briefings conferences. He is also the only speaker who has attended and spoken at every single "Blue Hat" Microsoft internal training event. Dan focuses on design-level fault analysis, particularly against massive-scale network applications. Dan regularly collects detailed data on the health of the worldwide Internet, and recently used this data to detect the worldwide proliferation of a major rootkit. Dan is one of the few individuals in the world to combine technical expertise with executive-level consulting skills and prowess.