Gray Hat Python: Python Programming for Hackers and Reverse Engineers [NOOK Book]


NOOK Book (eBook)
$17.99 BN.com price
$31.95 List Price (Save 43%)

Overview

Master The Professional Hacker's Python Toolkit

Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.

Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.

You'll learn how to:

  • Automate tedious reversing and security tasks
  • Design and program your own debugger
  • Fuzz Windows drivers and create powerful fuzzers from scratch
  • Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
  • Sniff secure traffic out of an encrypted web browser session
  • Use PyDbg, Immunity Debugger, Sulley, IDA Python, PyEmu, and more

The world's best hackers are using Python to do their handiwork. Shouldn't you?

Product Details

  • ISBN-13: 9781593272241
  • Publisher: No Starch Press San Francisco, CA
  • Publication date: 4/15/2009
  • Sold by: Barnes & Noble
  • Format: eBook
  • Sales rank: 869,061
  • File size: 2 MB

Meet the Author

Justin Seitz is a Senior Security Researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python.

Table of Contents

Foreword by Dave Aitel

Acknowledgments

Introduction

1 Setting Up Your Development Environment

1.1 Operating System Requirements

1.2 Obtaining and Installing Python 2.5

1.2.1 Installing Python on Windows

1.2.2 Installing Python for Linux

1.3 Setting Up Eclipse and PyDev

1.3.1 The Hacker's Best Friend: ctypes

1.3.2 Using Dynamic Libraries

1.3.3 Constructing C Datatypes

1.3.4 Passing Parameters by Reference

1.3.5 Defining Structures and Unions

2 Debuggers and Debugger Design

2.1 General-Purpose CPU Registers

2.2 The Stack

2.3 Debug Events

2.4 Breakpoints

2.4.1 Soft Breakpoints

2.4.2 Hardware Breakpoints

2.4.3 Memory Breakpoints

3 Building a Windows Debugger

3.1 Debuggee, Where Art Thou?

3.2 Obtaining CPU Register State

3.2.1 Thread Enumeration

3.2.2 Putting It All Together

3.3 Implementing Debug Event Handlers

3.4 The Almighty Breakpoint

3.4.1 Soft Breakpoints

3.4.2 Hardware Breakpoints

3.4.3 Memory Breakpoints

3.5 Conclusion

4 PyDbg - A Pure Python Windows Debugger

4.1 Extending Breakpoint Handlers

4.2 Access Violation Handlers

4.3 Process Snapshots

4.3.1 Obtaining Process Snapshots

4.3.2 Putting It All Together

5 Immunity Debugger - The Best of Both Worlds

5.1 Installing Immunity Debugger

5.2 Immunity Debugger 101

5.2.1 PyCommands

5.2.2 PyHooks

5.3 Exploit Development

5.3.1 Finding Exploit-Friendly Instructions

5.3.2 Bad-Character Filtering

5.3.3 Bypassing DEP on Windows

5.4 Defeating Anti-Debugging Routines in Malware

5.4.1 IsDebuggerPresent

5.4.2 Defeating Process Iteration

6 Hooking

6.1 Soft Hooking with PyDbg

6.2 Hard Hooking with Immunity Debugger

7 DLL and Code Injection

7.1 Remote Thread Creation

7.1.1 DLL Injection

7.1.2 Code Injection

7.2 Getting Evil

7.2.1 File Hiding

7.2.2 Coding the Backdoor

7.2.3 Compiling with py2exe

8 Fuzzing

8.1 Bug Classes

8.1.1 Buffer Overflows

8.1.2 Integer Overflows

8.1.3 Format String Attacks

8.2 File Fuzzer

8.3 Future Considerations

8.3.1 Code Coverage

8.3.2 Automated Static Analysis

9 Sulley

9.1 Sulley Installation

9.2 Sulley Primitives

9.2.1 Strings

9.2.2 Delimiters

9.2.3 Static and Random Primitives

9.2.4 Binary Data

9.2.5 Integers

9.2.6 Blocks and Groups

9.3 Slaying WarFTPD with Sulley

9.3.1 FTP 101

9.3.2 Creating the FTP Protocol Skeleton

9.3.3 Sulley Sessions

9.3.4 Network and Process Monitoring

9.3.5 Fuzzing and the Sulley Web Interface

10 Fuzzing Windows Drivers

10.1 Driver Communication

10.2 Driver Fuzzing with Immunity Debugger

10.3 Driverlib - The Static Analysis Tool for Drivers

10.3.1 Discovering Device Names

10.3.2 Finding the IOCTL Dispatch Routine

10.3.3 Determining Supported IOCTL Codes

10.4 Building a Driver Fuzzer

11 IDAPython - Scripting IDA Pro

11.1 IDAPython Installation

11.2 IDAPython Functions

11.2.1 Utility Functions

11.2.2 Segments

11.2.3 Functions

11.2.4 Cross-References

11.2.5 Debugger Hooks

11.3 Example Scripts

11.3.1 Finding Dangerous Function Cross-References

11.3.2 Function Code Coverage

11.3.3 Calculating Stack Size

12 PyEmu - The Scriptable Emulator

12.1 Installing PyEmu

12.2 PyEmu Overview

12.2.1 PyCPU

12.2.2 PyMemory

12.2.3 PyEmu

12.2.4 Execution

12.2.5 Memory and Register Modifiers

12.2.6 Handlers

12.3 IDAPyEmu

12.3.1 Function Emulation

12.3.2 PEPyEmu

12.3.3 Executable Packers

12.3.4 UPX Packer

12.3.5 Unpacking UPX with PEPyEmu

Index

Customer Reviews

  • Posted July 4, 2009

    Fascinating reading for those interested in the deep details of PC software operation.

    I really enjoyed this book. It has many useful examples/tutorials to make the concepts sink into your brain. The references to online resources also were very valuable.

    3 out of 3 people found this review helpful.
