Managed Code Rootkits: Hooking into Runtime Environments (Paperback) (管理代碼根套件:鉤入執行時環境)

Erez Metula

  • 出版商: Syngress Media
  • 出版日期: 2010-10-28
  • 定價: $1,650
  • 售價: 8.0$1,320
  • 語言: 英文
  • 頁數: 336
  • 裝訂: Paperback
  • ISBN: 1597495743
  • ISBN-13: 9781597495745
  • 相關分類: .NETAndroidJava 程式語言
  • 立即出貨 (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack-the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable security checks. Erez Metula shows the reader how these rootkits are developed and inserted and how this attack can change the managed code that a computer is running, whether that be JAVA, .NET, Android Dalvik or any other managed code. Management development scenarios, tools like ReFrameworker, and countermeasures are covered, making this book a one stop shop for this new attack vector.



  • Introduces the reader briefly to managed code environments and rootkits in general
  • Completely details a new type of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation
  • Focuses on managed code including Java, .NET, Android Dalvik and reviews malware development scanarios

商品描述(中文翻譯)

想像一下,能夠更改電腦正在運行的應用程式的語言並掌控它。這正是當受控代碼根套件(managed code rootkits)被放置在電腦中時所能做到的。這種新型根套件藏在以前對這種攻擊是安全的地方-應用程式層級。目前的程式碼審查並不會尋找這種新根套件可能被注入的虛擬機器(VM)中的後門。這種攻擊的入侵程度允許攻擊者竊取受感染電腦上的信息,提供虛假信息並禁用安全檢查。Erez Metula向讀者展示了這些根套件是如何開發和插入的,以及這種攻擊如何改變電腦正在運行的受控代碼,無論是JAVA、.NET、Android Dalvik還是其他任何受控代碼。本書涵蓋了管理開發場景、像ReFrameworker這樣的工具以及對策,使其成為這種新攻擊向量的一站式資源。

- 簡要介紹了受控代碼環境和根套件的概念
- 詳細介紹了一種新型根套件,它藏在應用程式層級,並演示了黑客如何改變語言運行時實現
- 專注於受控代碼,包括Java、.NET、Android Dalvik,並審查了惡意軟體開發場景