DOCUMENT INFORMATION
ISBN: 978-1-59327-192-3
PYTHON PROGRAMMING FOR HACKERS AND
REVERSE ENGINEERS
Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it’s easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.

Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools — and how to build your own when the pre-built ones won’t cut it.
You’ll learn how to:
> Automate tedious reversing and security tasks
> Design and program your own debugger
> Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
> Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
> Sniff secure traffic out of an encrypted web browser session
> Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more
The world’s best hackers are using Python
to do their handiwork. Shouldn’t you?
JUSTIN SEITZ is a Senior Security Researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python.
THE FINEST IN GEEK ENTERTAINMENT™
www.nostarch.com
“I LAY FLAT.”
This book uses RepKover — a durable binding that won’t snap shut.
GRAY HAT PYTHON
MASTER THE PROFESSIONAL
HACKER’S PYTHON TOOLKIT
$39.95 ($49.95 CDN) SHELVE IN: COMPUTERS/SECURITY
GRAY HAT PYTHON
Python Programming for Hackers and Reverse Engineers
by Justin Seitz
San Francisco
GRAY HAT PYTHON. Copyright © 2009 by Justin Seitz.
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.
ISBN-10: 1-59327-192-1
ISBN-13: 978-1-59327-192-3
Publisher: William Pollock
Production Editor: Megan Dunchak
Cover Design: Octopod Studios
Developmental Editor: Tyler Ortman
Technical Reviewer: Dave Aitel
Copyeditor: Linda Recktenwald
Compositors: Riley Hoffman and Kathleen Mish
Proofreader: Rachel Kai
Indexer: Fred Brown, Allegro Technical Indexing
For information on book distributors or translations, please contact No Starch Press, Inc. directly:
No Starch Press, Inc.
555 De Haro Street, Suite 250, San Francisco, CA 94107
phone: 415.863.9900; fax: 415.863.9950; info@nostarch.com; www.nostarch.com
Library of Congress Cataloging-in-Publication Data:
Seitz, Justin.
Gray hat Python : Python programming for hackers and reverse engineers / Justin Seitz.
p. cm.
ISBN-13: 978-1-59327-192-3
ISBN-10: 1-59327-192-1
1. Computer security. 2. Python (Computer program language) I. Title.
QA76.9.A25S457 2009
005.8 dc22
2009009107
No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of this work, neither the author nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.
Mom,
If there’s one thing I wish for you to remember,
it’s that I love you very much.
Alzheimer Society of Canada—www.alzheimers.ca
BRIEF CONTENTS
Foreword by Dave Aitel
Acknowledgments
Introduction
Chapter 1: Setting Up Your Development Environment
Chapter 2: Debuggers and Debugger Design
Chapter 3: Building a Windows Debugger
Chapter 4: PyDbg—A Pure Python Windows Debugger
Chapter 5: Immunity Debugger—The Best of Both Worlds
Chapter 6: Hooking
Chapter 7: DLL and Code Injection
Chapter 8: Fuzzing
Chapter 9: Sulley
Chapter 10: Fuzzing Windows Drivers
Chapter 11: IDAPython—Scripting IDA Pro
Chapter 12: PyEmu—The Scriptable Emulator
Index
PREVIEW EXCERPTS

[...] wget http://python.org/ftp/python/2.5.1/Python-2.5.1.tgz
tar -zxvf Python-2.5.1.tgz
mv Python-2.5.1 Python25
cd Python25
You have now downloaded and unzipped the source code into /usr/local/Python25. The next step is to compile the source code and make sure the Python interpreter works:
# ./configure --prefix=/usr/local/Python25
# make && make install
# pwd
/usr/local/Python25
# python
Python 2.5.1 [...]

[...] Installing Python 2.5. The Python installation is quick and painless on both Linux and Windows. Windows users are blessed with an installer that takes care of all of the setup for you; however, on Linux you will be building the installation from source code.
1.2.1 Installing Python on Windows. Windows users can obtain the installer from the main Python site: http://python.org/ftp/python/2.5.1/python-2.5.1.msi [...]

[...] Click Next to continue.
3. Name the project Gray Hat Python. Click Finish.
New Project
You will notice that your Eclipse screen will rearrange itself, and you should see your Gray Hat Python project in the upper left of the screen. Now right-click the src folder, and select New > PyDev Module. In the Name field, enter chapter1-test, and click Finish. You will notice that your project pane has been updated, and [...]

[...] Installing Python for Linux. To install Python 2.5 for Linux, you will be downloading and compiling from source. This gives you full control over the installation while preserving the existing Python installation that is present on a Red Hat-based system. The installation assumes that you will be executing all of the following commands as the root user. The first step is to download and unzip the Python 2.5 [...]

[...] learn not only how to use Python-based tools but how to build tools in Python. But be forewarned, this is not an exhaustive reference! There are many, many infosec (information security) tools written in Python that I did not cover. However, this book will allow you to translate a lot of the same skills across applications so that you can use, debug, extend, and customize any Python tool of your choice [...]

[...] version of your script:
# python /root/chapter1-printf.py
Testing: Hello world!
#
It is that easy to be able to call into a dynamic library and use a function that is exported. You will be using this technique many times throughout the book, so it is important that you understand how it works.
1.3.3 Constructing C Datatypes. Creating a C datatype in Python is just downright sexy, in that nerdy, weird way. Having [...]

[...] ensure that your user environment knows where to find the Python interpreter automatically, you must edit the /root/.bashrc file. I personally use nano to do all of my text editing, but feel free to use whatever editor you are comfortable with. Open the /root/.bashrc file, and at the bottom of the file add the following line:
export PATH=/usr/local/Python25/:$PATH
This line tells the Linux environment that [...]

[...] the Linux environment that the root user can access the Python interpreter without having to use its full path. If you log out and log back in as root, when you type python at any point in your command shell you will be prompted by the Python interpreter. Now that you have a fully operational Python interpreter on both Windows and Linux, it’s time [...]

[...] will be posted to http://www.nostarch.com/ghpython.htm for your downloading pleasure. Now let’s get coding!
1 SETTING UP YOUR DEVELOPMENT ENVIRONMENT
Before you can experience the art of gray hat Python programming, you must work through the least exciting portion of this book, setting up your development environment. It is essential that you have a solid development environment, [...]

[...] folks, too. I spent a great deal of time hunting around for a language that was well suited for hacking and reverse engineering, and a few years ago it became very apparent that Python was becoming the natural leader in the hacking-programming-language department. The tricky part was the fact that there was no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts [...]
Posted: 25/03/2014, 10:54
See also: gray hat python