Kris Kaspersky, "Hacker Disassembling Uncovered"
A-List | 2003 | ISBN: 1931769222 | 584 pages | CHM 4.8 MB
The majority of publications that touch on issues of analyzing and optimizing programs, as well as creating means of protecting information, delicately tiptoe around the fact that in order to competently find "holes" in a program without having its source code, you have to disassemble it. Restoring something that even somewhat resembles the source code is still considered an extremely complex task. In the book, the author describes a technology used by hackers that yields source code practically identical to the original, and this includes programs in C++ as well, which are particularly difficult to disassemble.
The book gives a detailed description of ways to identify and reconstruct key structures of the source language—functions (including virtual ones), local and global variables, branching, loops, objects and their hierarchy, mathematical operators, etc. The disassembly methodology that we will look at has been formalized—i.e., it has been translated from an intuitive concept into a complete technology, available and comprehensible to almost anyone.
The book contains a large number of unique practical materials. It is organized in such a manner that it will most certainly be useful to the everyday programmer as a manual on optimizing programs for modern intelligent compilers, and to the information protection specialist as a manual on looking for so-called "bugs." The "from simple to complex" style of the book allows it to easily be used as a textbook for beginner analyzers and "code diggers."
TABLE OF CONTENTS:
Step 1 - Warming up
Step 2 - Getting Acquainted with the Disassembler
Step 3 - Surgery
Step 4 - Getting Acquainted with the Debugger
Step 5 - IDA Emerges onto the Scene
Step 6 - Using a Disassembler with a Debugger
Step 7 - Identifying Key Structures of High-Level Languages
- Counteracting Debuggers
- Counteracting Disassemblers
- An Invitation to the Discussion, or New Protection Tips
- How to…