Network penetration technology is strongly recommended

Source: Internet
Author: User

Information Source: http://www.xfocus.net/projects/book/9.html

Supporting materials for Network Penetration Technology
http://www.xfocus.net/projects/book/npt/

Packaged supporting materials for Network Penetration Technology
http://www.xfocus.net/projects/book/npt/npt.rar

Currently, this book is available in the following online bookstores:

http://www.phei.com.cn/bookshop/bookinfo.asp?Bookcode=tp010350&booktype=Main
http://www.huachu.com.cn/itbook/itbookinfo.asp?Lbbh=bd05955487
http://www.china-pub.com/computers/common/info.asp?Id=24504

Preface

Xfocus

In the narrow sense, Security Focus (Xfocus, http://www.xfocus.net) is a professional network security research team; in the broader sense, it is a small circle devoted to exchanging network security technology. The circle is a group of ordinary people who love freedom and come from all over. They do not work at the same company, they live simply, they love tinkering with computers, and occasionally they do something well ......
The network is a strange thing. In little more than a decade it has created a virtual world and brought countless business opportunities. At the same time, the original simple idea of free communication has become a luxury, and real hackers have emerged. They are ordinary people, yet not quite ordinary; they advocate freedom, and so legends have grown up around them ......
In China, however, there are almost no real hackers; what there is instead is impetuousness, vanity, and pretension. This may be a problem of environment: we lack a free and open one. Our strength is limited, but the network is unlimited. Security Focus aims to provide as pure a technical environment as it can with that limited strength. As for how things develop, we leave that to the ever-changing network.
Security Focus is an open circle. If you are willing to work and live with a mentality of giving in order to gain, you must first be able to give up money, energy, experience, technology ...... and then you can gain pride, progress, friends ......
Join us!

About this book

Network Penetration Technology was written jointly by San, alert7, eyas, and watercloud, members of the Security Focus team. The content of this book cannot be called original; most of it explores and organizes further on the basis of earlier research. However, every demo in the book has been carefully thought out and debugged by the authors, and reflects the four authors' many years of experience.
Judging by the top magazines and conferences in the security field, China's overall system and network security technology does not stand out internationally. So far, Chinese experts have published only two articles in Phrack magazine, one of them in the Linenoise section, and at the time this book was delivered no Chinese expert had yet appeared at Black Hat or DEF CON. Although language is a huge obstacle, we have to face up to this frustrating result.
There are countless books on network security in the Chinese market today, but few of them really address the underlying technologies of system and network security. Network Penetration Technology uses examples that are as simple as possible to explain the underlying technology of system and network security in an accessible way. We dare not expect every reader of this book to become a network security expert, but we hope that it will give some guidance to those who come after us, and we hope to see more and more Chinese experts in Phrack and at Black Hat and DEF CON.

Content Guide

This book is divided into ten chapters and introduces the underlying technology of system and network security in an accessible way.

Chapter 1 Basic Knowledge
I am very grateful to friends on the Technical Research board of the Security Focus Forum for their suggestions, which led me to add a basic knowledge chapter at the beginning of this book. This chapter briefly introduces the basic usage of several common debuggers and disassembly tools. Readers who already have some knowledge of system and network security can skip this chapter.

Chapter 2 Buffer Overflow Exploitation Technology
Buffer overflow exploitation is the focus of this book. This chapter first introduces the history of buffer overflows and then covers exploitation techniques for six operating system platforms. Readers who want to understand the operating system architecture of the various platforms should not miss this chapter. The authors carefully designed several easy-to-understand examples and recorded every step of the debugging process. After reading this chapter, you should have a deep understanding of the principles and techniques of buffer overflows.

Chapter 3 Shellcode Technology
Without shellcode, a buffer overflow can achieve only effects such as denial of service. To take control of the target of a penetration test, shellcode is needed to implement the required functions, for example getting a shell, listening on a port, or adding a user. This chapter not only introduces shellcode writing and extraction methods for various platforms, but also discusses various advanced shellcode techniques together with the corresponding source code, for example socket-searching shellcode for remote overflows, which is more concealed during a remote penetration test.

Chapter 4 Heap Overflow Exploitation Technology
Operating systems manage the heap in a much more complicated way than the stack, and the heap management algorithms used by different operating systems are completely different. This chapter introduces heap overflow exploitation techniques for the Linux, Windows, and Solaris operating systems. For each operating system, the authors carefully designed several easy-to-understand examples to describe the various exploitation methods.

Chapter 5 Format String Vulnerability Exploitation Technology
Format string vulnerabilities have a much shorter history than buffer overflows and are generally regarded as a programming error on the programmer's part. However, a format string vulnerability allows arbitrary content to be written to any address, so it is extremely dangerous. This chapter mainly discusses exploitation techniques on the Linux, Solaris, and Windows platforms. Because libc differs between operating systems, the exploitation process also differs slightly.

Chapter 6 Kernel Overflow Exploitation Technology
This chapter mainly discusses how to exploit overflows that occur when the kernel processes data. Exploitation in kernel mode is very different from exploitation in user mode and requires a deeper understanding of the system kernel. This edition of the book discusses exploitation only on the Linux x86 platform.

Chapter 7 Other Exploitation Technologies
This chapter discusses some overflow exploitation techniques that are less common or more specialized. It mainly covers *BSD memcpy overflows, file stream overflows, C++ overflows that overwrite virtual function pointers, and methods of bypassing PaX kernel patch protection. The section on bypassing PaX kernel patch protection requires a deep understanding of the ELF file format.

Chapter 8 System Vulnerability Discovery and Analysis
I believe many readers will like this chapter. Having introduced the exploitation methods for various system vulnerabilities, the book here introduces some methods for discovering vulnerabilities and analyzes several real vulnerabilities in detail, which also puts the exploitation techniques of the previous chapters into practice.

Chapter 9 CGI Penetration Testing Technology
Obtaining control of a server through system vulnerabilities is the most direct and effective method, but in an actual penetration test the customer's servers may already be patched, and a firewall may restrict access to web services only. In that case, the best penetration path is to exploit vulnerabilities in CGI programs. This chapter first introduces cross-site scripting and cookie security, and then focuses on various penetration testing techniques for PHP.

Chapter 10 SQL Injection Exploitation Technology
Today, CGI programs generally use back-end databases, and vulnerabilities in CGI programs lead to SQL injection problems. SQL injection exploitation is a major branch of CGI penetration testing. This chapter describes injection techniques for the two most common databases, MySQL and SQL Server.

Appendix A Chinese-English Glossary of System and Network Security Terms
This book uses some system and network security terms. If you have any questions about the terms, refer to the appendix.

Source Code and related documents of this book

To save costs and keep the book's price down, the source code and reference documents used in Network Penetration Technology are hosted on the Security Focus website, where readers can consult them while reading and using the book.
All source code and related documents are organized into directories by chapter. Under each chapter's directory, readers can find the source code of the corresponding demo and exploit programs, making them easy to study and debug.

Requirements for readers

This book is suitable for the following readers:
Friends who are interested in system and network security. This book will guide them toward deeper study of the underlying security technology.
Network security practitioners. This book will be a good reference for them.
System and network programmers. As the saying goes, know yourself and know your enemy, and you will never be defeated. After learning the principles behind the various security vulnerabilities, these friends will, I believe, write more secure programs.
Readers interested in debugging technology.
We hope to learn and improve together with all of these friends.

Knowledge required to use this book

As the saying goes, only when you need to use what you have read do you regret having read too little. In many cases, knowledge carries over from one area to another.
Basic assembly knowledge. During vulnerability debugging, the debugger displays assembly code. The Security Focus website hosts assembly instruction manuals for various platforms, collected by several of the authors, which readers can consult when debugging or writing shellcode.
Familiarity with C, Perl, and other scripting languages. The demo programs and exploit programs in this book are written in these languages, and the book assumes that the reader has basic programming ability.
Readers who have the above knowledge will get even more out of this book.

Thank you

I am particularly grateful to Chen Yuxiao for the overall image design, and also for freely contributing the Security Focus logo, the XCon logo, and their image design.
Thanks to the Electronic Industry Publishing House for its strong support for this book, and to the responsible editor Zhu Xiaohong for the great work.
Thanks to the relaxed technical atmosphere at aligreennet, and especially to warning3 and SCZ: their articles published online and the in-depth technical discussions with them added a great deal to this book.
Thanks for the wonderful technical discussions on the 0dd mailing list.
Finally, I would like to thank the Security Focus team for their support for this book. Without it, the book "Network Penetration Technology" would not exist.

Technical Support

If you have any questions or comments while reading this book, please contact us on the Technical Research board of the Security Focus Forum. We are very happy to discuss technical issues with our friends, so that everyone can learn more and make friends at the same time.
