Managed Code Rootkits
Hooking into Runtime Environments
Erez Metula
AMSTERDAM • BOSTON • HEIDELBERG • LONDON
NEW YORK • OXFORD • PARIS • SAN DIEGO
SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO
Syngress is an imprint of Elsevier
Acquiring Editor: Rachel Roumeliotis
Development Editor: Matthew Cater
Project Manager: Laura Smith
Designer: Kristen Davis
Syngress is an imprint of Elsevier
30 Corporate Drive, Suite 400, Burlington, MA 01803, USA
© 2011 Elsevier, Inc. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details
on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations
such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.
This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may
be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes
in research methods or professional practices may become necessary. Practitioners and researchers must always rely on their own
experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods
they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury
and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any
methods, products, instructions, or ideas contained in the material herein.
Library of Congress Cataloging-in-Publication Data
Metula, Erez.
Managed code rootkits : hooking into runtime environments / Erez Metula.
p. cm.
Includes bibliographical references and index.
Summary: “Introduces the reader briefly to managed code environments and rootkits in general—Completely details a new type
of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation—Focuses on
managed code including Java, .Net, Android Dalvik, and reviews malware development scenarios”— Provided by publisher.
ISBN 978-1-59749-574-5
1. Computers—Access control. 2. Virtual computer systems—Security measures. 3. Rootkits (Computer software) 4. Common
Language Runtime (Computer science) 5. Computer security. I. Title.
QA76.9.A25M487 2010
005.8—dc22
2010036631
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library.
ISBN: 978-1-59749-574-5
Printed in the United States of America
Typeset by: diacriTech, India
For information on all Syngress publications visit our website at www.syngress.com