Designing BSD Rootkits: An Introduction to Kernel Hacking (PDF) [-PUNISHER-]

Added on April 24, 2015 by -PUNISHER- in Books > Ebooks



Designing BSD Rootkits: An Introduction to Kernel Hacking (PDF) [-PUNISHER-] (Size: 8.38 MB)
  Joseph Kong-Designing BSD Rootkits_ An Introduction to Kernel Hacking-No Starch Press (2007).pdf (8.38 MB)
  ReadMe -PUNISHER-.txt (4.61 KB)


Description



Title: Designing BSD Rootkits: An Introduction to Kernel Hacking
Author(s): Joseph Kong
Publisher: No Starch Press
Year: 2007
Edition: 1
Language: English
Pages: 164
ISBN: 1593271425, 9781593271428


Though rootkits have a fairly negative image, they can be used for both good and evil. Designing BSD Rootkits arms you with the knowledge you need to write offensive rootkits, to defend against malicious ones, and to explore the FreeBSD kernel and operating system in the process.

Organized as a tutorial, Designing BSD Rootkits will teach you the fundamentals of programming and developing rootkits under the FreeBSD operating system. Author Joseph Kong's goal is to make you smarter, not to teach you how to write exploits or launch attacks. You'll learn how to maintain root access long after gaining access to a computer and how to hack FreeBSD.

Kong's liberal use of examples assumes no prior kernel-hacking experience but doesn't water down the information. All code is thoroughly described and analyzed, and each chapter contains at least one real-world application.



Table of contents:

Acknowledgments
Contents
Foreword
Introduction
  Contents Overview
  Concluding Remarks
1: Loadable Kernel Modules
  1.1 Module Event Handler
  1.2 The DECLARE_MODULE Macro
  1.3 "Hello, world!"
  1.4.1 The System Call Function
  1.4.2 The sysent Structure
  1.4.4 The SYSCALL_MODULE Macro
  1.4.5 Example
  1.4.7 The modstat Function
  1.4.9 Executing the System Call
  1.5 Kernel/User Space Transitions
  1.5.3 The copystr Function
  1.6.1 The cdevsw Structure
  1.6.2 Character Device Functions
  1.6.3 The Device Registration Routine
  1.6.4 Example
  1.6.5 Testing the Character Device
  1.7 Linker Files and Modules
  1.8 Concluding Remarks
2: Hooking
  2.1 Hooking a System Call
  2.2 Keystroke Logging
  2.3 Kernel Process Tracing
  2.4 Common System Call Hooks
  2.5.1 The protosw Structure
  2.5.2 The inetsw[ ] Switch Table
  2.6 Hooking a Communication Protocol
  2.7 Concluding Remarks
3: (Direct Kernel Object Manipulation)
  3.1 Kernel Queue Data Structures
  3.1.3 The LIST_ENTRY Macro
  3.2 Synchronization Issues
  3.2.3 The sx_slock and sx_xlock Functions
  3.3.1 The proc Structure
  3.3.2 The allproc List
  3.3.3 Example
  3.4 Hiding a Running Process Redux
  3.4.2 pidhashtbl
  3.4.4 Example
  3.5 Hiding with DKOM
  3.6.1 The inpcb Structure
  3.6.2 The tcbinfo.listhead List
  3.6.3 Example
  3.7 Corrupting Kernel Data
  3.8 Concluding Remarks
4:
  4.1 Hooking a Character Device
  4.1.3 Example
  4.2 Concluding Remarks
5:
  5.1 Kernel Data Access Library
  5.1.2 The kvm_nlist Function
  5.1.5 The kvm_write Function
  5.2 Patching Code Bytes
  5.3.1 Patching Call Statements
  5.4.1 The malloc Function
  5.4.4 The FREE Macro
  5.4.5 Example
  5.5.1 Example
  5.6 Inline Function Hooking
  5.6.1 Example
  5.7 Cloaking System Call Hooks
  5.8 Concluding Remarks
6:
  6.1 What HIDSes Do
  6.3 Execution Redirection
  6.4 File Hiding
  6.5 Hiding a KLD
  6.5.2 The linker_file Structure
  6.5.4 The module Structure
  6.5.5 Example
  6.6 Preventing Access, Modification, and Change Time Updates
  6.6.1 Change Time
  6.6.2 Example
  6.7 Proof of Concept: Faking Out Tripwire
  6.8 Concluding Remarks
7: Detection
  7.1.1 Finding System Call Hooks
  7.2.1 Finding Hidden Processes
  7.3.2 Finding Code Byte Patches
  7.4 Concluding Remarks
Closing Words
Bibliography
Index
Updates
