Category: Network and Security
2008-06-12 00:09:23
Part I: Introduction to Shellcoding
Shellcoding: First Steps
Chapter List
Chapter 1: Required Tools
Chapter 2: Assembly Language — Quick Start
Chapter 3: Hacking Using GPRS Uncovered
Part Overview
The monstrous complexity of contemporary computer systems inevitably results in design and implementation errors, most of which allow malicious users to gain control of the remote host or damage it. Such errors are known as holes or vulnerabilities.
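The design and implementation errors of modern computer systems are caused by the systems' own high complexity; most of these errors allow malicious users to gain remote control of the host or to damage it. Such errors are usually called vulnerabilities.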
The world of security holes is many-sided and manifold: These are debug holes, weak authentication mechanisms, functionally redundant interpretation of the user input, incorrect arguments check, etc. Classification of holes is fuzzy, full of internal contradictions and difficult (at any rate, holes are still waiting for their Carolus Linnaeus), and techniques of searching and exploiting them are currently impossible to generalize. Each case requires a creative approach. It would be naïve to hope that a single publication could describe the entire range of holes. Therefore, it is best to concentrate on one particular type of error — buffer overflow errors, the most important, promising, and prospective area of research.
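The world of security vulnerabilities is many-sided and varied in form: debug holes, weak authentication mechanisms, functionally redundant interpretation of user input, incorrect variable checks, and so on. The classification of vulnerabilities is fuzzy and full of internal contradictions and difficulties (at the very least, vulnerabilities are still waiting for their Carolus Linnaeus: Linnaeus, Carolus (1707-1778), Swedish botanist and founder of the modern classification system for plants and animals). The techniques for finding and exploiting them generally cannot be generalized either; each case requires a creative approach. No single publication can describe the entire range of vulnerabilities. It is therefore best to concentrate on one type of error, the buffer overflow error, which is also the most important, most promising and most hopeful area of research.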
The first part of the book will consider theoretical abstractions. In the second part, more practical issues will be considered, ones related to practical implementation of exploits and countermeasures that should be taken. However, don't expect me to explain to you what the stack and memory addresses are and where they come from. This book is intended for professionals who know Assembly language and have mastered such high-level programming languages as C/C++. It is assumed that you already know how buffer overflow occurs and would like to become acquainted with the full list of possibilities provided by buffers subject to overflow. What are the goals of the attacker? According to what principle are the preferred targets of attack chosen?
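The first part of this book considers abstract theory. The second part introduces more practical issues, covering the implementation of exploits and the related countermeasures. However, do not expect me to explain what the stack and memory addresses are, and do not ask me where they come from. This book is intended for professionals who are familiar with assembly language and have mastered high-level programming languages such as C/C++. It is assumed that you already know how a buffer overflow works and want to become familiar with all the possible ways a buffer can be made to overflow. So what are the attacker's goals? And on what principle should the best targets of attack be chosen?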
An attempt at learning the particulars of this problem, which at first glance seems rather boring and unpretentious, admits you to a world full of adventures and intrigues. Gaining control over the system by causing buffer overflow is a difficult engineering task that requires you to be creative and generate nontrivial ideas. Furthermore, you must be armed with an excellent toolset, because the code sent to the remote host for execution must run in an aggressive environment, which doesn't ensure even the lowest level of vital functioning.
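Work hard at learning the details of this problem; the first thing is to give it a modest quick look rather than to dislike it, and it will admit you to a world full of adventure and intrigue. Gaining full control of a system through a buffer overflow is a very demanding engineering task that requires creative thinking and unusual ideas. First of all, you must arm yourself with an excellent set of tools, because the code sent to the remote host for execution must run on an aggressive platform, and the low-level functions it needs must be guaranteed no matter what.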
Translated by 风向改变 on June 12, 2008