Gray Hat Python

Python Programming for Hackers and Reverse Engineers

Justin Seitz

Publisher: No Starch, 2009, 189 pages

ISBN: 978-1-59327-192-3

Keywords: Python, Programming

Last modified: April 6, 2021, 7:45 a.m.

Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.

Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools — and how to build your own when the pre-built ones won't cut it.

You'll learn how to:

  • Automate tedious reversing and security tasks
  • Design and program your own debugger
  • Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
  • Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
  • Sniff secure traffic out of an encrypted web browser session
  • Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more

The world's best hackers are using Python to do their handiwork. Shouldn't you?

  • Foreword by Dave Aitel
  • Acknowledgments
  • Introduction
  1. SETTING UP YOUR DEVELOPMENT ENVIRONMENT
    1. Operating System Requirements
    2. Obtaining and Installing Python
      1. Installing Python on Windows
      2. Installing Python for Linux
    3. Setting Up Eclipse and PyDev
    4. The Hacker’s Best Friend: ctypes
      1. Using Dynamic Libraries
      2. Constructing C Datatypes
      3. Passing Parameters by Reference
      4. Defining Structures and Unions
  2. DEBUGGERS AND DEBUGGER DESIGN
    1. General-Purpose CPU Registers
    2. The Stack
    3. Debug Events
    4. Breakpoints
      1. Soft Breakpoints
      2. Hardware Breakpoints
      3. Memory Breakpoints
  3. BUILDING A WINDOWS DEBUGGER
    1. Debuggee, Where Art Thou?
    2. Obtaining CPU Register State
      1. Thread Enumeration
      2. Putting It All Together
    3. Implementing Debug Event Handlers
    4. The Almighty Breakpoint
      1. Soft Breakpoints
      2. Hardware Breakpoints
      3. Memory Breakpoints
    5. Conclusion
  4. PYDBG — A PURE PYTHON WINDOWS DEBUGGER
    1. Extending Breakpoint Handlers
    2. Access Violation Handlers
    3. Process Snapshots
      1. Obtaining Process Snapshots
      2. Putting It All Together
  5. IMMUNITY DEBUGGER — THE BEST OF BOTH WORLDS
    1. Installing Immunity Debugger
    2. Immunity Debugger 101
      1. PyCommands
      2. PyHooks
    3. Exploit Development
      1. Finding Exploit-Friendly Instructions
      2. Bad-Character Filtering
      3. Bypassing DEP on Windows
    4. Defeating Anti-Debugging Routines in Malware
      1. IsDebuggerPresent
      2. Defeating Process Iteration
  6. HOOKING
    1. Soft Hooking with PyDbg
    2. Hard Hooking with Immunity Debugger
  7. DLL AND CODE INJECTION
    1. Remote Thread Creation
      1. DLL Injection
      2. Code Injection
    2. Getting Evil
      1. File Hiding
      2. Coding the Backdoor
      3. Compiling with py2exe
  8. FUZZING
    1. Bug Classes
      1. Buffer Overflows
      2. Integer Overflows
      3. Format String Attacks
    2. File Fuzzer
    3. Future Considerations
      1. Code Coverage
      2. Automated Static Analysis
  9. SULLEY
    1. Sulley Installation
    2. Sulley Primitives
      1. Strings
      2. Delimiters
      3. Static and Random Primitives
      4. Binary Data
      5. Integers
      6. Blocks and Groups
    3. Slaying WarFTPD with Sulley
      1. FTP 101
      2. Creating the FTP Protocol Skeleton
      3. Sulley Sessions
      4. Network and Process Monitoring
      5. Fuzzing and the Sulley Web Interface
  10. FUZZING WINDOWS DRIVERS
    1. Driver Communication
    2. Driver Fuzzing with Immunity Debugger
    3. Driverlib — The Static Analysis Tool for Drivers
      1. Discovering Device Names
      2. Finding the IOCTL Dispatch Routine
      3. Determining Supported IOCTL Codes
    4. Building a Driver Fuzzer
  11. IDA PYTHON — SCRIPTING IDA PRO
    1. IDAPython Installation
    2. IDAPython Functions
      1. Utility Functions
      2. Segments
      3. Functions
      4. Cross-References
      5. Debugger Hooks
    3. Example Scripts
      1. Finding Dangerous Function Cross-References
      2. Function Code Coverage
      3. Calculating Stack Size
  12. PYEMU — THE SCRIPTABLE EMULATOR
    1. Installing PyEmu
    2. PyEmu Overview
      1. PyCPU
      2. PyMemory
      3. PyEmu
      4. Execution
      5. Memory and Register Modifiers
      6. Handlers
    3. IDAPyEmu
      1. Function Emulation
      2. PEPyEmu
      3. Executable Packers
      4. UPX Packer
      5. Unpacking UPX with PEPyEmu

Reviews

Gray Hat Python

Reviewed by Roland Buresund

Bad ** (2 out of 10)

Last modified: March 5, 2012, 2:07 p.m.

A sore disappointment. This book is really about a Windows programmer who has discovered Python and now wants to play "hacker" with it. Doesn't work with 64-bit for the most part, Windows-centric, a large part is about the author's company's debugger, limited utility, etc., etc.

In short, rubbish.
