What Is an Idle Scan?
As a best-selling book on hacking, "The Way of Hacking: The Art of Vulnerability Discovery (2nd Edition of the Original Book)" describes hacking techniques comprehensively from the perspective of program development. Although it is not long, it is rich in content, covering programming knowledge such as buffers, the heap, stack overflows and the writing of format strings; network knowledge such as network sniffing, port scanning and denial-of-service attacks; and cryptography knowledge such as information theory, password cracking and various encryption methods. By reading the book, readers can understand the essence of hacking and the principles behind the various hacking techniques, and even apply and appreciate those techniques to make their own network systems more secure, their software more stable, and their problem solving more creative. It is worth mentioning that the code examples in the book were all completed on an x86 computer running Linux, and the LiveCD provided with the book comes with a pre-configured Linux environment that encourages readers to practice along on computers of a similar architecture. Readers will see the results of their own work and continue to experiment and try new techniques, which is the spirit that hackers admire. The book is suitable for readers who have a certain programming foundation and are interested in hacking techniques. [1]
The Way of Hacking (The Art of Vulnerability Discovery)
- "The Way of Hacking: The Art of Vulnerability Discovery (2nd Edition of the Original Book)" is published by China Water Resources and Hydropower Press. The purpose of writing the book is to share the art of hacking with everyone. Understanding hacking techniques is often difficult because it requires both breadth and depth of knowledge, and many hacking articles look esoteric and hard to understand precisely because the reader lacks some prerequisite training. The book makes the hacking world more accessible by providing comprehensive knowledge ranging from programming to machine code to vulnerability discovery. In addition, this edition comes with a bootable Live CD based on Ubuntu Linux that can be used on any x86 computer without modifying the computer's existing OS. The CD contains all the source code in the book and provides a development and experimentation environment in which to follow the book's examples and experiments.
- Jon Erickson has a formal education in computer science and often speaks at international computer security conferences. He is currently an expert in cryptography and security in Northern California.
- Translator's Preface
- About This Book
- About the Author
- Chapter 1 Introduction
- Chapter 2 Programming
- 2.1 What Is Programming
- 2.2 Pseudocode
- 2.3 Control Structures
- 2.3.1 If-Then-Else
- 2.3.2 While / Until Loops
- 2.3.3 For Loops
- 2.4 More Basic Programming Concepts
- 2.4.1 Variables
- 2.4.2 Arithmetic Operators
- 2.4.3 Comparison Operators
- 2.4.4 Functions
- 2.5 Do It Yourself
- 2.5.1 Think Globally
- 2.5.2 The x86 Processor
- 2.5.3 Assembly Language
- 2.6 Back to Basics
- 2.6.1 Strings
- 2.6.2 Signed, Unsigned, Long, and Short
- 2.6.3 Pointers
- 2.6.4 Format Strings
- 2.6.5 Type Casting
- 2.6.6 Command-Line Arguments
- 2.6.7 Variable Scope
- 2.7 Memory Segmentation
- 2.7.1 Memory Segmentation in C
- 2.7.2 Using the Heap
- 2.7.3 Error-Checked malloc()
- 2.8 Building Programs from the Basics
- 2.8.1 File Access
- 2.8.2 File Permissions
- 2.8.3 User IDs
- 2.8.4 Structs
- 2.8.5 Function Pointers
- 2.8.6 Pseudo-random Numbers
- 2.8.7 A Game of Chance
- Chapter 3 Vulnerability Discovery
- 3.1 General Techniques for Vulnerability Discovery
- 3.2 Buffer Overflows
- 3.3 Experimenting with BASH
- 3.4 Overflows in Other Segments
- 3.4.1 A Basic Heap-Based Overflow
- 3.4.2 Overflowing Function Pointers
- 3.5 Format Strings
- 3.5.1 Format Parameters
- 3.5.2 The Format String Vulnerability
- 3.5.3 Reading from Arbitrary Memory Addresses
- 3.5.4 Writing to Arbitrary Memory Addresses
- 3.5.5 Direct Parameter Access
- 3.5.6 Using Short Writes
- 3.5.7 Indirect Modification with .dtors
- 3.5.8 Another notesearch Vulnerability
- 3.5.9 Overwriting the Global Offset Table
- Chapter 4 Networking
- 4.1 The OSI Model
- 4.2 Sockets
- 4.2.1 Socket Functions
- 4.2.2 Socket Addresses
- 4.2.3 Network Byte Order
- 4.2.4 Internet Address Conversion
- 4.2.5 A Simple Server Example
- 4.2.6 A Web Client Example
- 4.2.7 A Tinyweb Server
- 4.3 Revealing the Lower-Level Details
- 4.3.1 Data-Link Layer
- 4.3.2 Network Layer
- 4.3.3 Transport Layer
- 4.4 Network Sniffing
- 4.4.1 Raw Socket Sniffing
- 4.4.2 libpcap Sniffing
- 4.4.3 Decoding the Layers
- 4.4.4 Active Sniffing
- 4.5 Denial of Service
- 4.5.1 SYN Flooding
- 4.5.2 The Ping of Death
- 4.5.3 Teardrop
- 4.5.4 Ping Flooding
- 4.5.5 Amplification Attacks
- 4.5.6 Distributed DoS Flooding
- 4.6 TCP/IP Hijacking
- 4.6.1 RST Hijacking
- 4.6.2 Continued Hijacking
- 4.7 Port Scanning
- 4.7.1 Stealth SYN Scan
- 4.7.2 FIN, X-mas, and Null Scans
- 4.7.3 Decoy Scanning
- 4.7.4 Idle Scanning
- 4.7.5 Proactive Defense (shroud)
- 4.8 Launching an Attack
- 4.8.1 Analysis with GDB
- 4.8.2 A Very Dangerous Practice
- 4.8.3 Port-Binding Shellcode
- Chapter 5 Shellcode
- 5.1 Assembly vs. C
- 5.2 The Path to Shellcode
- 5.2.1 Assembly Instructions Using the Stack
- 5.2.2 Investigating Systematically with GDB
- 5.2.3 Removing Null Bytes
- 5.3 Shell-Spawning Shellcode
- 5.3.1 A Matter of Privilege
- 5.3.2 Shorter Code
- 5.4 Port-Binding Shellcode
- 5.4.1 Duplicating Standard File Descriptors
- 5.4.2 Branching Control Structures
- 5.5 Connect-Back Shellcode
- Chapter 6 Countermeasures
- 6.1 Countermeasures That Detect
- 6.2 System Daemons
- 6.2.1 Crashing with Signals
- 6.2.2 The tinyweb Daemon
- 6.3 Tools of the Trade
- 6.4 Log Files
- 6.5 Overlooking the Obvious
- 6.5.1 One Step at a Time
- 6.5.2 Putting the Original Program Back Together
- 6.5.3 Child Laborers
- 6.6 Advanced Camouflage
- 6.6.1 Spoofing the IP Address
- 6.6.2 Unlogged Vulnerability Discovery
- 6.7 The Whole Infrastructure
- 6.8 Payload Smuggling
- 6.8.1 String Encoding
- 6.8.2 How to Hide a NOP Sled
- 6.9 Buffer Restrictions
- 6.10 Hardening Countermeasures
- 6.11 Nonexecutable Stack
- 6.11.1 ret2libc
- 6.11.2 Returning into system()
- 6.12 Randomized Stack Space
- 6.12.1 Investigations with BASH and GDB
- 6.12.2 Exploring linux-gate
- 6.12.3 Applied Knowledge
- 6.12.4 A First Attempt
- 6.12.5 Calculating the Probability of Success
- Chapter 7 Cryptology
- 7.1 Information Theory
- 7.1.1 Unconditional Security
- 7.1.2 One-Time Pads
- 7.1.3 Quantum Key Distribution
- 7.1.4 Computational Security
- 7.2 Algorithmic Run Time
- 7.3 Symmetric Encryption
- 7.4 Asymmetric Encryption
- 7.4.1 RSA
- 7.4.2 Peter Shor's Quantum Factoring Algorithm
- 7.5 Hybrid Ciphers
- 7.5.1 Man-in-the-Middle Attacks
- 7.5.2 Differing SSH Protocol Host Fingerprints
- 7.5.3 Fuzzy Fingerprints
- 7.6 Password Cracking
- 7.6.1 Dictionary Attacks
- 7.6.2 Exhaustive Brute-Force Attacks
- 7.6.3 Hash Lookup Tables
- 7.6.4 Password Probability Matrix
- 7.7 Wireless 802.11b Encryption
- 7.7.1 Wired Equivalent Privacy
- 7.7.2 RC4 Stream Cipher
- 7.8 WEP Attacks
- 7.8.1 Offline Brute-Force Attacks
- 7.8.2 Keystream Reuse
- 7.8.3 IV-Based Decryption Dictionary Tables
- 7.8.4 IP Redirection
- 7.8.5 FMS Attack
- Chapter 8 Concluding Remarks
- About the Live CD and Answers
- References