Hakin9 Exploiting Software - 201201.pdf

01/2012 (05)
Dear Readers,
We dedicate the first Exploiting Software issue of 2012 to the Black
Hole exploit kit, a commercial web application crimeware that evolved in
Russia. It made a huge impression in 2011 by compromising a large
user base across the world. Considering the number of affected
victims, it has successfully entered the league of deadly exploit
kits like Neosploit and Phoenix. To learn how it works, how to detect
it and how to prevent it, read the article Anatomy of the Black Hole
Exploit Kit written by Abhijeet Hatekar. If you want to learn how to
write your own shellcode, how to fix all the nulls and how to validate
your shellcode, read the excellent article Starting to Write Your Own
Linux Shellcode written by Craig Wright. Craig will show what makes
it extremely difficult for signature based systems to stop or detect
shellcode created for a specific purpose. I highly encourage you to
read the article Hacking Applets: A Reverse Engineering Approach
written by Nilesh Kumar and Ronnie Johndas. The authors will
discuss a technique that can be used to modify the applet’s Java
byte code without having to recompile the applet. You will learn the
process of reverse engineering of an applet which does not have any
kind of code obfuscation, string encryption and other code protection
techniques employed. You will also learn how to patch byte code
and perform other kinds of manipulation in the Java class files of
the applet. In the article Buffer Overflow Exploitation A to Z (Part
1), Praful Agarwal aka Sbeztt will show you how the memory gets
corrupted with the heavy data and he will teach you Stack Based
Buffer Overflow Exploitation. To be able to grab a memory dump
from a live machine and then have the capabilities to pull useful
information from it amazes Daniel Dieterle. If you are curious about
what could be done with a memory dump of an active computer, read
his article How to Recover Passwords from a Memory Dump. If you
want to minimize exploit risks, read the article The Gentoo Hardened
Project: Or How to Minimize Exploits Risks written by Jesus Rivero.
You will learn how to choose the right profile and kernel and what are
the major caveats and potential problems of the Gentoo Hardened
Project. Enjoy the reading!
Editor in Chief: Grzegorz Tabaka
Managing Editor: Natalia Boniewicz
Editorial Advisory Board: Rebecca Wynn, Matt Jonkman,
Donald Iverson, Michael Munt, Gary S. Milefsky, Julian Evans,
Aby Rao
Proofreaders: Michael Munt, Rebecca Wynn, Elliott Bujan,
Bob Folden, Steve Hodge, Jonathan Edwards, Steven Atcheson,
Robert Wood
Top Betatesters: Nick Baronian, Rebecca Wynn, Rodrigo Rubira
Branco, Chris Brereton, Gerardo Iglesias Galvan, Jeffrey Smith,
Robert Wood, Nana Onumah, Rissone Ruggero, Inaki Rodriguez
Special Thanks to the Beta testers and Proofreaders who helped
us with this issue. Without their assistance there would not be a
Hakin9 Exploiting Software magazine.
Senior Consultant/Publisher: Paweł Marciniak
CEO: Ewa Dudzic
Production Director: Andrzej Kuca
DTP: Ireneusz Pogroszewski
Art Director: Ireneusz Pogroszewski
Publisher: Software Press Sp. z o.o. SK
02-682 Warszawa, ul. Bokserska 1
Phone: 1 917 338 3631
Whilst every effort has been made to ensure the high quality of
the magazine, the editors make no warranty, express or implied,
concerning the results of content usage.
All trade marks presented in the magazine were used only for
informative purposes.
Natalia Boniewicz
& Hakin9 Team
All rights to trade marks presented in the magazine are
reserved by the companies which own them.
To create graphs and diagrams we used
Mathematical formulas created by Design Science MathType™
The techniques described in our articles may only
be used in private, local networks. The editors
hold no responsibility for misuse of the presented
techniques or consequent data loss.