ebook img

Attacking Network Protocols: A Hacker’s Guide to Capture, Analysis, and Exploitation PDF

380 Pages·2017·7.13 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Attacking Network Protocols: A Hacker’s Guide to Capture, Analysis, and Exploitation

ATTACKING NETWORK PROTOCOLS A Hacker’s Guide to Capture, Analysis, and Exploitation by James Forshaw San Francisco ATTACKING NETWORK PROTOCOLS. Copyright © 2018 by James Forshaw. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher. ISBN-10: 1-59327-750-4 ISBN-13: 978-1-59327-750-5 Publisher: William Pollock Production Editor: Laurel Chun Cover Illustration: Garry Booth Interior Design: Octopod Studios Developmental Editors: Liz Chadwick and William Pollock Technical Reviewers: Cliff Janzen Additional Technical Reviewers: Arrigo Triulzi and Peter Gutmann Copyeditor: Anne Marie Walker Compositors: Laurel Chun and Meg Sneeringer Proofreader: Paula L. Fleming Indexer: BIM Creatives, LLC For information on distribution, translations, or bulk sales, please contact No Starch Press, Inc. directly: No Starch Press, Inc. 245 8th Street, San Francisco, CA 94103 phone: 1.415.863.9900; About the Author James Forshaw is a renowned computer security researcher at Google Project Zero, with more than ten years of experience in analyzing and exploiting application network protocols. His skills range from cracking game consoles to exposing complex design issues in operating systems, especially Microsoft Windows, which earned him the top bug bounty of $100,000 and placed him as the #1 researcher on Microsoft Security Response Center’s (MSRC) published list. He’s the creator of the network protocol analysis tool, Canape, which was developed from his years of experience. He’s been invited to present his novel security research at global security conferences such as BlackHat, CanSecWest and Chaos Computer Congress. About the Technical Reviewer Since the early days of Commodore PET and VIC-20, technology has been a constant companion (and sometimes an obsession!) to Cliff Janzen. Cliff discovered his career passion when he moved to information security in 2008 after a decade of IT operations. Since then, Cliff has had the great fortune to work with and learn from some of the best people in the industry, including Mr. Forshaw and the fine people at No Starch during the production of this book. He is happily employed as a security consultant, doing everything from policy review to penetration tests. He feels lucky to have a career that is also his favorite hobby and a wife who supports him. BRIEF CONTENTS Foreword by Katie Moussouris Acknowledgments Introduction Chapter 1: The Basics of Networking Chapter 2: Capturing Application Traffic Chapter 3: Network Protocol Structures Chapter 4: Advanced Application Traffic Capture Chapter 5: Analysis from the Wire Chapter 6: Application Reverse Engineering Chapter 7: Network Protocol Security Chapter 8: Implementing the Network Protocol Chapter 9: The Root Causes of Vulnerabilities Chapter 10: Finding and Exploiting Security Vulnerabilities Appendix: Network Protocol Analysis Toolkit Index CONTENTS IN DETAIL FOREWORD by Katie Moussouris ACKNOWLEDGMENTS INTRODUCTION Why Read This Book? What’s in This Book? How to Use This Book Contact Me 1 THE BASICS OF NETWORKING Network Architecture and Protocols The Internet Protocol Suite Data Encapsulation Headers, Footers, and Addresses Data Transmission Network Routing My Model for Network Protocol Analysis Final Words 2 CAPTURING APPLICATION TRAFFIC Passive Network Traffic Capture Quick Primer for Wireshark Alternative Passive Capture Techniques System Call Tracing The strace Utility on Linux Monitoring Network Connections with DTrace Process Monitor on Windows Advantages and Disadvantages of Passive Capture Active Network Traffic Capture Network Proxies Port-Forwarding Proxy SOCKS Proxy HTTP Proxies Forwarding an HTTP Proxy Reverse HTTP Proxy Final Words 3 NETWORK PROTOCOL STRUCTURES Binary Protocol Structures Numeric Data Booleans Bit Flags Binary Endian Text and Human-Readable Data Variable Binary Length Data Dates and Times POSIX/Unix Time Windows FILETIME Tag, Length, Value Pattern Multiplexing and Fragmentation Network Address Information Structured Binary Formats Text Protocol Structures Numeric Data Text Booleans Dates and Times Variable-Length Data Structured Text Formats Encoding Binary Data Hex Encoding Base64 Final Words 4 ADVANCED APPLICATION TRAFFIC CAPTURE Rerouting Traffic Using Traceroute Routing Tables Configuring a Router Enabling Routing on Windows Enabling Routing on *nix Network Address Translation Enabling SNAT Configuring SNAT on Linux Enabling DNAT Forwarding Traffic to a Gateway DHCP Spoofing ARP Poisoning Final Words 5 ANALYSIS FROM THE WIRE The Traffic-Producing Application: SuperFunkyChat Starting the Server Starting Clients Communicating Between Clients A Crash Course in Analysis with Wireshark Generating Network Traffic and Capturing Packets Basic Analysis Reading the Contents of a TCP Session Identifying Packet Structure with Hex Dump Viewing Individual Packets Determining the Protocol Structure Testing Our Assumptions Dissecting the Protocol with Python Developing Wireshark Dissectors in Lua Creating the Dissector The Lua Dissection Parsing a Message Packet Using a Proxy to Actively Analyze Traffic Setting Up the Proxy Protocol Analysis Using a Proxy Adding Basic Protocol Parsing Changing Protocol Behavior Final Words 6 APPLICATION REVERSE ENGINEERING Compilers, Interpreters, and Assemblers Interpreted Languages Compiled Languages Static vs. Dynamic Linking The x86 Architecture The Instruction Set Architecture CPU Registers Program Flow Operating System Basics Executable File Formats Sections Processes and Threads Operating System Networking Interface Application Binary Interface Static Reverse Engineering A Quick Guide to Using IDA Pro Free Edition Analyzing Stack Variables and Arguments Identifying Key Functionality Dynamic Reverse Engineering Setting Breakpoints Debugger Windows Where to Set Breakpoints? Reverse Engineering Managed Languages .NET Applications Using ILSpy Java Applications Dealing with Obfuscation Reverse Engineering Resources Final Words 7 NETWORK PROTOCOL SECURITY Encryption Algorithms Substitution Ciphers XOR Encryption Random Number Generators Symmetric Key Cryptography Block Ciphers Block Cipher Modes Block Cipher Padding

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.