Network.Security.Tools [Electronic resources] - text version
10.1. Introduction to libpcap



libpcap is an open source C-language library for capturing network
packets. libpcap is available for a number of different platforms,
including most Unix and Unix-like platforms (such as Linux and BSD), as
well as for Windows.


Although libpcap is primarily a packet-capturing
tool, it also can create and manipulate packets from saved files,
which can then be used in the wide variety of tools that support the
libpcap format.
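The libpcap savefile format that those tools interoperate on, as an added example that is not code from the book or from libpcap itself: a stdlib-only writer and reader for a capture held in memory, going beyond the text to show the global header (magic number, version 2.4, snaplen, link type), per-record headers, snaplen truncation, and the byte-order check a reader needs because a file written on a big-endian host stores the magic number reversed. The packet payloads and timestamps are constructed, and the function names build_pcap and count_pcap_records are my own.

```c
#include <stdint.h>
#include <string.h>
#include <stddef.h>
#define PCAP_MAGIC 0xa1b2c3d4u  /* microsecond-timestamp savefile, version 2.4 */
#define LINKTYPE_ETHERNET 1
#define PKT_LEN 60u             /* on-the-wire length of each constructed packet */

/* Write the low w bytes of v at *o, big-endian if be is set, else little-endian. */
static void put(uint8_t *b, size_t *o, uint32_t v, int w, int be) {
    for (int i = 0; i < w; i++) b[(*o)++] = (uint8_t)(v >> (8 * (be ? w - 1 - i : i)));
}
static uint32_t get32(const uint8_t *p, int be) {
    return be ? ((uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3])
              : ((uint32_t)p[3] << 24 | (uint32_t)p[2] << 16 | (uint32_t)p[1] << 8 | p[0]);
}

/* Build a savefile of npkts constructed packets, each truncated at snaplen as a
 * real capture would be. Returns bytes written, or 0 if cap is too small. */
size_t build_pcap(uint8_t *buf, size_t cap, int npkts, uint32_t snaplen, int be) {
    uint32_t incl = PKT_LEN < snaplen ? PKT_LEN : snaplen; size_t off = 0;
    if (cap < 24 + (size_t)npkts * (16 + incl)) return 0;
    put(buf, &off, PCAP_MAGIC, 4, be);
    put(buf, &off, 2, 2, be); put(buf, &off, 4, 2, be);             /* version 2.4 */
    put(buf, &off, 0, 4, be); put(buf, &off, 0, 4, be);             /* thiszone, sigfigs */
    put(buf, &off, snaplen, 4, be); put(buf, &off, LINKTYPE_ETHERNET, 4, be);
    for (int i = 0; i < npkts; i++) {                               /* record header: */
        put(buf, &off, 1000000u + (uint32_t)i, 4, be); put(buf, &off, 0, 4, be); /* ts_sec, ts_usec */
        put(buf, &off, incl, 4, be); put(buf, &off, PKT_LEN, 4, be);             /* incl_len, orig_len */
        memset(buf + off, 0xab, incl); off += incl;                 /* constructed payload */
    }
    return off;
}

/* Count records in an in-memory savefile. Returns -1 when the magic is unknown or a
 * record claims more bytes than snaplen or the buffer allows (truncated or corrupt). */
int count_pcap_records(const uint8_t *buf, size_t len, int *big_endian_out) {
    int be, n = 0; size_t off = 24;
    if (len < 24) return -1;
    if (get32(buf, 1) == PCAP_MAGIC) be = 1;        /* file bytes a1 b2 c3 d4 */
    else if (get32(buf, 0) == PCAP_MAGIC) be = 0;   /* file bytes d4 c3 b2 a1 */
    else return -1;
    uint32_t snaplen = get32(buf + 16, be);
    while (off + 16 <= len) {
        uint32_t incl = get32(buf + off + 8, be), orig = get32(buf + off + 12, be);
        if (incl > snaplen || incl > orig || incl > len - off - 16) return -1;
        off += 16 + incl; n++;
    }
    if (big_endian_out) *big_endian_out = be;
    return off == len ? n : -1;   /* a partial trailing record header is also an error */
}
```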



10.1.1. Why Use libpcap?



libpcap hides much of the complexity inherent in network packet capture.
Packet capture is possible using native network functionality on most
platforms; however, the interfaces and semantics required for capturing
packets are not for the faint of heart. For example, the following is a
fragment of code for packet capture from a tool I wrote for Linux some
years ago:[1]



[1] If you're familiar with the
netlink(3) interface you know how old this code
really is.



#include <sys/socket.h>
#include <linux/netlink.h>
#include <string.h>
#include <unistd.h>

#define MAX_BUFFER_SIZE 3000   /* size of msgbuf below */

struct sockaddr_nl nl_addr;
int fd;
int recvlen;
unsigned char msgbuf[MAX_BUFFER_SIZE];
/* raw netlink socket on protocol 0x02, bound to this process and multicast group 0x02 */
fd = socket (PF_NETLINK, SOCK_RAW, 0x02);
memset (&nl_addr, 0, sizeof (struct sockaddr_nl));
nl_addr.nl_family = (sa_family_t) PF_NETLINK;
nl_addr.nl_pid = (unsigned int) getpid ( );
nl_addr.nl_groups = 0x02;
bind (fd, (struct sockaddr *) &nl_addr, sizeof (struct sockaddr_nl));
/* one recv() returns whatever the kernel queued; no link-layer abstraction at all */
recvlen = recv (fd, msgbuf, MAX_BUFFER_SIZE, 0);


As you can see, this is not the friendliest of code. It uses BSD
socket calls to the Linux-only netlink(3)
interface to pass packets from the kernel to the user tool.


libpcap hides the complexity of getting packets
from the operating system, and it gives the
tool developer a consistent interface for developing tools,
regardless of the tool's intended operating system.
In turn, this makes writing portable code much simpler, and it makes
your tools much more useful.



10.1.2. Installing libpcap



You can obtain the latest version of libpcap from http://www.tcpdump.org.
libpcap is easy to compile from the source code:


> tar zxvf libpcap-0.8.3.tar.gz
> cd libpcap-0.8.3
> ./configure
> make
> make install


Many Linux distributions also include libpcap as
an optional package that you can install with the distribution, or
add afterward. Because
libpcap's functionality changes
between versions, you should use the latest version of the libraries
available for your distribution or compile the library from source
for your own development.



If you are compiling libpcap from source, make
sure you uninstall previous versions of libpcap
to avoid problems with mismatched files. You will need to remove the
following files from the libraries directory (commonly
/usr/lib/ or
/usr/local/lib/ ):


    libpcap.a
    libpcap.so.*.*


You will also need to remove the following files from the include
files directory (commonly /usr/include/ or
/usr/local/include/ ):


    pcap.h
    pcap-bpf.h
    pcap-namedb.h


You might also have to add the path the libpcap
libraries are installed to into the library search path (commonly
/etc/ld.so.conf for Linux systems).



To develop the examples in this chapter, we'll be
using libpcap Version 0.8.3. Although many of
the examples work with earlier versions of
libpcap, some functionality might not be
available.