By Justin Seitz
Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it is easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.
Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools, and how to build your own when the pre-built ones won't cut it.
You'll find out how to:
- Automate tedious reversing and safety tasks
- Design and program your own debugger
- Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
- Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
- Sniff secure traffic out of an encrypted web browser session
- Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more
The world's best hackers are using Python to do their handiwork. Shouldn't you?
Additional resources for Gray Hat Python: Python Programming for Hackers and Reverse Engineers
When the second process loads, we code inject it to give us a shell connection to the target machine. After the shellcode has run and we have our shell connection, we inject a second piece of code into the remote process that kills the process we're currently running in. Wait a second! Couldn't we just let our calc.exe process exit? In short, yes. But process termination is a key technique for a backdoor to support. For example, you could combine the process-iteration code you learned in earlier chapters and use it to find running antivirus or software firewall processes and simply kill them. It's also important to be able to migrate from one process to another and kill the process you left behind when you no longer need it. We'll also be showing how to compile Python scripts into real standalone Windows executables and how to covertly ship DLLs inside the main executable. Let's look at how to apply a little stealth to create some stowaway DLLs.

File Hiding

For us to safely distribute an injectable DLL with our backdoor, we need a stealthy way of storing the file so that it doesn't attract too much attention. We could use a wrapper, which takes executables (including DLLs) and bundles them together as one, but this is a book about hacking with Python, so we have to get a bit more creative. To hide files inside executables, we'll abuse a legacy feature of the NTFS filesystem called alternate data streams (ADS). Alternate data streams have been around since Windows NT 3.1 and were introduced as a way to interoperate with the Apple Hierarchical File System (HFS). ADS lets us keep a single file on disk and store the DLL in a stream that's attached to the primary executable.
A stream is really nothing more than a hidden file that's attached to the file you can see on disk. By using an alternate data stream, we hide the DLL from the user's immediate view. Without specialized tools, a computer user can't see the contents of ADSs, which is perfect for us. Also, a number of security products don't properly scan alternate data streams, so we have a good chance of slipping under their radar and avoiding detection. Two caveats worth knowing: the stream exists only on NTFS, so copying the host file to a FAT-formatted drive, zipping it, or sending it over a channel that carries only the default stream silently drops the DLL; and on Windows Vista and later, dir /R lists a file's streams, as does Get-Item reverser.exe -Stream * in PowerShell 3.0 and later, so "hidden" means hidden from Explorer, not from an administrator who knows to look. To use an alternate data stream on a file, we need to do nothing more than append a colon and a filename to an existing file, like so:

reverser.exe:vncdll.dll

In this case we're accessing vncdll.dll, which is stored in an alternate data stream attached to reverser.exe. Let's write a quick utility script that simply reads in a file and writes it out to an ADS attached to a file of our choosing. Open a new Python script called file_hider.py and enter the following code.

file_hider.py

import sys

# Read in the DLL (first command-line argument)
with open(sys.argv[1], "rb") as fd:
    dll_contents = fd.read()

print("[*] Filesize: %d" % len(dll_contents))

# Now write it out to an ADS attached to the target file (second argument).
# The stream is named after the DLL, so run this from the DLL's directory
# so that sys.argv[1] is a bare filename rather than a path.
with open("%s:%s" % (sys.argv[2], sys.argv[1]), "wb") as fd:
    fd.write(dll_contents)

Nothing fancy: the first command-line argument is the DLL we want to read in, and the second argument is the target file whose ADS we'll store the DLL in.
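The following is an added example, not code from Gray Hat Python, that rounds out the file_hider.py idea from both sides: it hides a payload in a stream of a host file and reads it back, and on Windows it enumerates a file's streams through the real kernel32 exports FindFirstStreamW, FindNextStreamW and FindClose, which is the check a defender (or a curious user) would run. The function names (ads_path, hide_file, extract_file, list_streams, roundtrip_demo) are this example's own, and the payload and host-file bytes are constructed stand-ins for vncdll.dll and reverser.exe, not real binaries.

```python
"""Hide a payload in an NTFS alternate data stream and, on Windows, enumerate
the streams of a file the way a defender would.

Added example for this excerpt; it is not code from Gray Hat Python. The
function names are this example's own. FindFirstStreamW, FindNextStreamW and
FindClose are real kernel32 exports; the payload and host bytes are constructed.
"""
import ctypes
import os
import sys
import tempfile

MAX_PATH = 260
FIND_STREAM_INFO_STANDARD = 0                 # the only STREAM_INFO_LEVELS value
INVALID_HANDLE_VALUE = ctypes.c_void_p(-1).value


def ads_path(host_file, stream_name):
    """'reverser.exe', 'vncdll.dll' -> 'reverser.exe:vncdll.dll' (NTFS stream syntax)."""
    return "%s:%s" % (host_file, stream_name)


def hide_file(payload_path, host_file):
    """Copy the payload into a stream of host_file named after the payload's basename.
    Using the basename keeps the stream name valid when the payload is given by full path."""
    with open(payload_path, "rb") as fd:
        data = fd.read()
    with open(ads_path(host_file, os.path.basename(payload_path)), "wb") as fd:
        fd.write(data)
    return len(data)


def extract_file(host_file, stream_name):
    """Read a stream back; this is what the injector does before loading the DLL."""
    with open(ads_path(host_file, stream_name), "rb") as fd:
        return fd.read()


def parse_stream_name(raw):
    """FindFirstStreamW reports ':<name>:$DATA'; the unnamed default stream is '::$DATA'."""
    parts = raw.split(":")
    return parts[1] if len(parts) >= 3 else raw


class WIN32_FIND_STREAM_DATA(ctypes.Structure):
    _fields_ = [("StreamSize", ctypes.c_longlong),
                ("cStreamName", ctypes.c_wchar * (MAX_PATH + 36))]


def list_streams(host_file):
    """Return [(stream_name, size), ...] for every data stream of host_file.
    Windows/NTFS only; the default stream appears with an empty name."""
    if sys.platform != "win32":
        raise OSError("alternate data streams only exist on NTFS under Windows")
    k32 = ctypes.WinDLL("kernel32", use_last_error=True)
    k32.FindFirstStreamW.argtypes = [ctypes.c_wchar_p, ctypes.c_uint32,
                                     ctypes.c_void_p, ctypes.c_uint32]
    k32.FindFirstStreamW.restype = ctypes.c_void_p
    k32.FindNextStreamW.argtypes = [ctypes.c_void_p, ctypes.c_void_p]
    k32.FindNextStreamW.restype = ctypes.c_int
    k32.FindClose.argtypes = [ctypes.c_void_p]
    data = WIN32_FIND_STREAM_DATA()
    handle = k32.FindFirstStreamW(host_file, FIND_STREAM_INFO_STANDARD, ctypes.byref(data), 0)
    if handle is None or handle == INVALID_HANDLE_VALUE:
        raise ctypes.WinError(ctypes.get_last_error())
    streams = []
    try:
        while True:
            streams.append((parse_stream_name(data.cStreamName), data.StreamSize))
            if not k32.FindNextStreamW(handle, ctypes.byref(data)):
                break
    finally:
        k32.FindClose(handle)
    return streams


def roundtrip_demo():
    """Hide a constructed payload behind a constructed host file and read it back.
    Returns (bytes_written, payload, recovered, host_file). On NTFS the payload
    lands in a real stream; on other filesystems the colon is just a character in
    an ordinary filename, so the round trip still works but nothing is hidden."""
    workdir = tempfile.mkdtemp()
    payload = b"MZ" + b"\x90" * 62 + b"constructed stand-in for vncdll.dll"
    payload_path = os.path.join(workdir, "vncdll.dll")
    host_file = os.path.join(workdir, "reverser.exe")
    with open(payload_path, "wb") as fd:
        fd.write(payload)
    with open(host_file, "wb") as fd:
        fd.write(b"MZ" + b"\x00" * 30)        # constructed stand-in, not a real PE
    written = hide_file(payload_path, host_file)
    recovered = extract_file(host_file, "vncdll.dll")
    return written, payload, recovered, host_file


if __name__ == "__main__":
    written, payload, recovered, host = roundtrip_demo()
    print("[*] hid %d bytes, recovered intact: %s" % (written, recovered == payload))
    if sys.platform == "win32":
        for name, size in list_streams(host):
            print("    stream %r: %d bytes" % (name, size))
```

Run on an NTFS volume, the stream listing shows the default stream (empty name) next to a vncdll.dll stream of the payload's size, which is exactly what dir /R and PowerShell's Get-Item -Stream * would report. Run anywhere else, the round trip still succeeds only because the colon became part of a plain filename, which is the same reason a stowaway DLL does not survive a copy to a non-NTFS disk.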