Attacking network protocols: a hacker's guide to capture, analysis, and exploitation

Attacking Network Protocols is a deep dive into network protocol security from James Forshaw, one of the world's leading bug hunters. This comprehensive guide looks at networking from an attacker's perspective to help you discover, exploit, and ultimately protect vulnerabilities. You'...

Bibliographic Details
Main Author: Forshaw, James
Format: eBook
Language: English
Published: [Place of publication not identified] No Starch Press 2018
Collection: O'Reilly - Collection details see MPG.ReNa
Table of Contents:
  • Intro; Brief Contents; Contents in Detail; Foreword; Acknowledgments; Introduction; Why Read This Book?; What's in This Book?; How to Use This Book; Contact Me; Chapter 1: The Basics of Networking; Network Architecture and Protocols; The Internet Protocol Suite; Data Encapsulation; Headers, Footers, and Addresses; Data Transmission; Network Routing; My Model for Network Protocol Analysis; Final Words; Chapter 2: Capturing Application Traffic; Passive Network Traffic Capture; Quick Primer for Wireshark; Alternative Passive Capture Techniques; System Call Tracing; The strace Utility on Linux
  • Monitoring Network Connections with DTrace; Process Monitor on Windows; Advantages and Disadvantages of Passive Capture; Active Network Traffic Capture; Network Proxies; Port-Forwarding Proxy; SOCKS Proxy; HTTP Proxies; Forwarding an HTTP Proxy; Reverse HTTP Proxy; So Which Approach Should You Use?; Chapter 3: Network Protocol Structures; Binary Protocol Structures; Numeric Data; Booleans; Bit Flags; Binary Endian; Strings; Variable Binary Length Data; Dates and Times; POSIX/Unix Time; Windows FILETIME; Tag, Length, Value Pattern; Multiplexing and Fragmentation; Network Address Information
  • Structured Binary Formats; Text Protocol Structures; Numeric Data; Text Booleans; Dates and Times; Variable-Length Data; Structured Text Formats; Encoding Binary Data; Hex Encoding; Base64; Final Words; Chapter 4: Advanced Application Traffic Capture; Rerouting Traffic; Using Traceroute; Routing Tables; Configuring a Router; Enabling Routing on Windows; Enabling Routing on *nix; Network Address Translation; Enabling SNAT; Configuring SNAT on Linux; Enabling DNAT; Forwarding Traffic to a Gateway; DHCP Spoofing; ARP Poisoning; Final Words; Chapter 5: Analysis from the Wire
  • The Traffic-Producing Application: SuperFunkyChat; Starting the Server; Starting Clients; Communicating Between Clients; A Crash Course in Analysis with Wireshark; Generating Network Traffic and Capturing Packets; Basic Analysis; Reading the Contents of a TCP Session; Identifying Packet Structure with Hex Dump; Viewing Individual Packets; Determining the Protocol Structure; Testing Our Assumptions; Dissecting the Protocol with Python; Developing Wireshark Dissectors in Lua; Creating the Dissector; The Lua Dissection; Parsing a Message Packet; Using a Proxy to Actively Analyze Traffic
  • Setting Up the Proxy; Protocol Analysis Using a Proxy; Adding Basic Protocol Parsing; Changing Protocol Behavior; Final Words; Chapter 6: Application Reverse Engineering; Compilers, Interpreters, and Assemblers; Interpreted Languages; Compiled Languages; Static vs. Dynamic Linking; The x86 Architecture; The Instruction Set Architecture; CPU Registers; Program Flow; Operating System Basics; Executable File Formats; Sections; Processes and Threads; Operating System Networking Interface; Application Binary Interface; Static Reverse Engineering; A Quick Guide to Using IDA Pro Free Edition