0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Windows APT Warfare

You're reading from Windows APT Warfare Identify and prevent Windows APT attacks effectively

Product type Paperback

Published in Mar 2023

Publisher Packt

ISBN-13 9781804618110

Length 258 pages

Edition 1st Edition

Languages

C++

Tools

MiniGW

Concepts

Cybersecurity

Author (1):

Sheng-Hao Ma

View More author details

Table of Contents (17) Chapters

Preface

1. Part 1 – Modern Windows Compiler

2. Chapter 1: From Source to Binaries – The Journey of a C Program FREE CHAPTER

3. Chapter 2: Process Memory – File Mapping, PE Parser, tinyLinker, and Hollowing

4. Chapter 3: Dynamic API Calling – Thread, Process, and Environment Information

5. Part 2 – Windows Process Internals

6. Chapter 4: Shellcode Technique – Exported Function Parsing

7. Chapter 5: Application Loader Design

8. Chapter 6: PE Module Relocation

9. Part 3 – Abuse System Design and Red Team Tips

10. Chapter 7: PE to Shellcode – Transforming PE Files into Shellcode

11. Chapter 8: Software Packer Design

12. Chapter 9: Digital Signature – Authenticode Verification

13. Chapter 10: Reversing User Account Control and Bypassing Tricks

14. Index

Why subscribe?

15. Other Books You May Enjoy

Appendix – NTFS, Paths, and Symbols

Win32 and NT path specification

tinyLoader example

The following example is the peLoader.cpp source code under the Chapter#6 folder of the GitHub project. In order to save space, this book only extracts the highlighted code; please refer to the complete source code see all the details of the project.

We first compile our msgbox.c source code as we did in Chapter 1 with MinGW and use the -Wl,--dynamicbase,--export-all-symbols arguments to generate an EXE file with a relocation table, msgbox_reloc.exe, as shown in Figure 6.3:

Figure 6.3 – The generation of msgbox_reloc.exe

Figure 6.3 – The generation of msgbox_reloc.exe

Figure 6.4 shows the fixReloc function responsible for correcting the relocation task for the entire PE module:

Figure 6.4 – The fixReloc function

Figure 6.4 – The fixReloc function

At lines 56-57 of the code, we can retrieve the starting point of the relocation table held in the current .reloc section from DataDirectory[IMAGE_BASE_RELOCATION] and later use it to analyze the relocation fields.

At lines...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Sheng-Hao Ma

Sheng-Hao Ma

Sheng-Hao Ma is currently working as a threat researcher at TXOne Networks, specializing in Windows reverse engineering analysis for over 10 years. In addition, he is currently a member of CHROOT, an information security community in Taiwan. He has served as a speaker and instructor for various international conferences and organizations such as Black Hat USA, DEFCON, CODE BLUE, HITB, VXCON, HITCON, ROOTCON, Ministry of National Defense, and Ministry of Education.

See other products by Sheng-Hao Ma

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m