Attacking Network Protocols

Book Description

Attacking Network Protocols is a deep dive into network vulnerability discovery from James Forshaw, Microsoft's top bug hunter. This comprehensive guide looks at networking from an attacker's perspective to help you find, exploit, and ultimately protect against vulnerabilities.

Part I starts with a rundown of networking basics and traffic capture, building a foundation for analyzing a network. Part II moves on to protocol analysis, both static and dynamic; you'll learn about common protocol structures, cryptography, and protocol security, and how to reverse engineer code with IDA Pro, ILSpy, and Javasnoop. Part III focuses on finding and exploiting vulnerabilities, including an overview of common bug classes, fuzzing, debugging, exhaustion attacks, and how to develop custom tools. Forshaw ends with an overview of the best tools for analyzing and exploiting networks. By the book's end, you'll have a deep understanding of how to analyze network communication and where to look for vulnerabilities. You'll learn how to:

  • Capture, manipulate, and spoof packets both passively and on the wire
  • Create your own capture framework
  • Reverse engineer code, brute force passwords, and decrypt traffic
  • Exploit vulnerabilities with denial-of-service attacks, SQL injections, and memory corruptions
  • Use protocol capture tools like IDA Pro, Wireshark, and CANAPE
  • Strengthen your exploits by rerouting network traffic, exploiting compression, and controlling data flow

Attacking Network Protocols is a must-have for any penetration tester, bug hunter, or developer looking to exploit and secure network vulnerabilities.

Table of Contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. About the Author
  5. About the Technical Reviewer
  6. Brief Contents
  7. Contents in Detail
  8. Foreword by Katie Moussouris
  9. Acknowledgments
  10. Introduction
    1. Why Read This Book?
    2. What’s in This Book?
    3. How to Use This Book
    4. Contact Me
  11. Chapter 1: The Basics of Networking
    1. Network Architecture and Protocols
    2. The Internet Protocol Suite
    3. Data Encapsulation
    4. Network Routing
    5. My Model for Network Protocol Analysis
    6. Final Words
  12. Chapter 2: Capturing Application Traffic
    1. Passive Network Traffic Capture
    2. Quick Primer for Wireshark
    3. Alternative Passive Capture Techniques
    4. Advantages and Disadvantages of Passive Capture
    5. Active Network Traffic Capture
    6. Network Proxies
    7. Final Words
  13. Chapter 3: Network Protocol Structures
    1. Binary Protocol Structures
    2. Dates and Times
    3. Tag, Length, Value Pattern
    4. Multiplexing and Fragmentation
    5. Network Address Information
    6. Structured Binary Formats
    7. Text Protocol Structures
    8. Encoding Binary Data
    9. Final Words
  14. Chapter 4: Advanced Application Traffic Capture
    1. Rerouting Traffic
    2. Configuring a Router
    3. Network Address Translation
    4. Forwarding Traffic to a Gateway
    5. Final Words
  15. Chapter 5: Analysis from the Wire
    1. The Traffic-Producing Application: SuperFunkyChat
    2. A Crash Course in Analysis with Wireshark
    3. Identifying Packet Structure with Hex Dump
    4. Developing Wireshark Dissectors in Lua
    5. Using a Proxy to Actively Analyze Traffic
    6. Final Words
  16. Chapter 6: Application Reverse Engineering
    1. Compilers, Interpreters, and Assemblers
    2. The x86 Architecture
    3. Operating System Basics
    4. Static Reverse Engineering
    5. Dynamic Reverse Engineering
    6. Reverse Engineering Managed Languages
    7. Reverse Engineering Resources
    8. Final Words
  17. Chapter 7: Network Protocol Security
    1. Encryption Algorithms
    2. Random Number Generators
    3. Symmetric Key Cryptography
    4. Asymmetric Key Cryptography
    5. Signature Algorithms
    6. Public Key Infrastructure
    7. Case Study: Transport Layer Security
    8. Final Words
  18. Chapter 8: Implementing the Network Protocol
    1. Replaying Existing Captured Network Traffic
    2. Repurposing Existing Executable Code
    3. Encryption and Dealing with TLS
    4. Final Words
  19. Chapter 9: The Root Causes of Vulnerabilities
    1. Vulnerability Classes
    2. Memory Corruption Vulnerabilities
    3. Default or Hardcoded Credentials
    4. User Enumeration
    5. Incorrect Resource Access
    6. Memory Exhaustion Attacks
    7. Storage Exhaustion Attacks
    8. CPU Exhaustion Attacks
    9. Format String Vulnerabilities
    10. Command Injection
    11. SQL Injection
    12. Text-Encoding Character Replacement
    13. Final Words
  20. Chapter 10: Finding and Exploiting Security Vulnerabilities
    1. Fuzz Testing
    2. Vulnerability Triaging
    3. Exploiting Common Vulnerabilities
    4. Writing Shell Code
    5. Memory Corruption Exploit Mitigations
    6. Final Words
  21. Appendix: Network Protocol Analysis Toolkit
    1. Passive Network Protocol Capture and Analysis Tools
    2. Active Network Capture and Analysis
    3. Network Connectivity and Protocol Testing
    4. Web Application Testing
    5. Fuzzing, Packet Generation, and Vulnerability Exploitation Frameworks
    6. Network Spoofing and Redirection
    7. Executable Reverse Engineering
  22. Index
  23. Resources
  24. The Electronic Frontier Foundation (EFF)
  25. Footnotes