使用手机摄像头 - 扫描以下代码并下载 Kindle 阅读软件。
Designing BSD Rootkits: An Introduction to Kernel Hacking (English Edition) 1第一 版本, Kindle电子书
Organized as a tutorial, Designing BSD Rootkits will teach you the fundamentals of programming and developing rootkits under the FreeBSD operating system. Author Joseph Kong's goal is to make you smarter, not to teach you how to write exploits or launch attacks. You'll learn how to maintain root access long after gaining access to a computer and how to hack FreeBSD.
Kongs liberal use of examples assumes no prior kernel-hacking experience but doesn't water down the information. All code is thoroughly described and analyzed, and each chapter contains at least one real-world application.
–The fundamentals of FreeBSD kernel module programming
–Using call hooking to subvert the FreeBSD kernel
–Directly manipulating the objects the kernel depends upon for its internal record-keeping
–Patching kernel code resident in main memory; in other words, altering the kernel's logic while it’s still running
–How to defend against the attacks described
Hack the FreeBSD kernel for yourself!
Tinkering with computers has always been a primary passion of author Joseph Kong. He is a self-taught programmer who dabbles in information security, operating system theory, reverse engineering, and vulnerability assessment. He has written for Phrack Magazine and was a system administrator for the City of Toronto.--此文字指其他 kindle_edition 版本。
- ASIN : B002MZAR6I
- 出版社 : No Starch Press; 第 1st 版 (2007年4月1日)
- 出版日期 : 2007年4月1日
- 语言 : 英语
- 文件大小 : 529 KB
- 标准语音朗读 : 已启用
- X-Ray : 未启用
- 生词提示功能 : 未启用
- 纸书页数 : 144页
- 亚马逊热销商品排名: 商品里排第263,292名Kindle商店 (查看商品销售排行榜Kindle商店)
|5 星 (0%)||0%|
|4 星 (0%)||0%|
|3 星 (0%)||0%|
|2 星 (0%)||0%|
|1 星 (0%)||0%|
It's based on FreeBSD 6.0 32-bit. No one really uses FreeBSD so why even bother studying rootkits on this platform? As of 2015, this release has long been EOL'ed. Now days, 32-bit is just a bad choice for anything but academic study. But you know this before you buy the book. What you don't know, if like me you have never used BSD, is that BSD is really not that similar to Linux. Yes, it works the same, but all the libs are different. Almost none of the C system libs you would use on Linux exist on FreeBSD. And, if they do, its almost in name only as the API is different.
I believe most of the disappointment comes from my lack of ever using BSD before. Installing it was a PITA and updating it is even more confusing since the system uses both ports and a package system. Writing C in FreeBSD, as mentioned, is also a rude awakening to anyone only familiar with Linux or Windows. Most all the libs you are familiar with are not there. Time to re-learn everything. A chapter dedicated to setting up the OS and environment would have been really nice. A crash course chapter on C programming on BSD would have been nice too.
Finally, the errata page is virtually non-existent. Not a single update for newer releases of the OS or for 64-bit solutions. There is two entries, for typos made in the book. That's all.
The ideas: creating LKM, hooking syscalls, DKOM, kernel patching, etc. are all great academic gems, but since porting this knowledge over to a modern, popular OS is non-trivial, I am going to have to say this book is purely academic. Don't get it if you want something practical.
This enjoyable readable book gradually and very systematically evolves around hacking the kernel of a BSD system.
Chapter 1: Loadable Kernel Modules 22p.
Chapter 2: Hooking 13p.
Chapter 3: Direct Kernel Object Manipulation 20p.
Chapter 4: Kernel Object Hooking 4p.
Chapter 5: Run-Time Kernel Memory Patching 27p.
Chapter 6: Putting It All Together 26p.
Chapter 7: Detection 8p.
Its written in a style that allows also non-developers to grasp the main procedures and steps involved for modifying a systems kernel (assuming the attacker got access to a privileged system account).
Chapters 1 to 5 explain the several methods for modifying the kernel.
While the book is divided into 7 chapters, its most value really is the Chapters 6 which has many of those WoW effects included.
All or most technics described of chapters 1-5 will be used in chapter 6 for show casing how to circumvent an HIDS. Here is where all learned technics finally come all together.
So the reader dabbles with the author from an initial "simple" idea of bypassing an HIDS from one issue to the next. First the system call is hooked, so technically its kind of working, but then we realize that in order to make it perfect we need to hide the just created file (which contains the execution redirection routine). So the next obvious step is to hide the file so we dont leave a footprint on the system, just to realize that we need to hide the KLD (Dynamic Kernel Linker). So now everything is hidden but we forgot about the change of the /sbin directories access/ modification and change time, so we have to go after that too...
Its technically very interesting to learn how the author approaches the issues involved in order to avoid being detected by the HIDS or commands the user might use. That the author is technically on top of things is also shown f.e. by some info included in the book which is already referring to FreeBSD 7.
To get the most out of the book you ideally have programming knowledge of C, assembly etc. and debugging software systems. So I think its most valuable to system administrators, developers and security consultants.
Working through this book was fun and informative. You can download sources from [....]
The concepts apply equally well to Linux, of course, and I also realized that some of the areas explored come up in ordinary application work and especially in system troubleshooting, so this isn't entirely about subverting systems for evil purpose.
The book is laid out quite well, with fantastic examples and explanations.
Unfortunately there are a few mistakes in the code examples due to some changes in the FreeBSD code (eg. the sys_ prefix was added to FreeBSD native syscalls )