Botnets - The killer web applications

www.syngress.com
Intelligence Resources • Chapter 11


can analyze and edit them—be it EXE, DLL, ActiveX, or other Windows
portable executable (PE) formats. Using this tool, you can quickly open an
executable, analyze its procedures, libraries and dependencies, change its
date/time stamp, and edit other information. The program provides a wide
range of information for those reviewing their own programs, or those
written by others.
Figure 11.1 PE Disassembler

DJ Java Decompiler
The DJ Java Decompiler runs on Windows machines, and is used to decompile
and disassemble Java programs. Using this tool, you can reconstruct the
source code of an applet or binary file, and review its methods, constants,
interfaces, attributes, and other features that would normally be unavailable to
anyone other than the original programmer.

Hackman Disassembler
As seen in Figure 11.2, Hackman Disassembler is part of the Hackman Suite,
and comes in three versions: Lite, Standard, and Pro. The Pro version of this
tool can open files of any size and work with any instruction
set, enabling you to disassemble any Windows program and view its code.


Figure 11.2 Hackman Disassembler

Tools & Traps…
Themida
Oreans Technology has a product called Themida that may be used to
protect software by using features like data hiding, encryption, code
replacement, and others that make it difficult to analyze malicious
software protected by this product. When software protected by Themida
runs on a computer, it will take control of the CPU and check for any
disassemblers on the computer. If none exists, Themida decrypts the
software and allows the program to be executed. Features in Themida
make it difficult to reverse engineer and crack a botnet protected by
this product, and make the botnet more difficult to detect using
antivirus software. Themida is available for download from
www.oreans.com, as are other tools designed for security that could be
used for protecting malicious software from analysis.
