Netzob
Simulation
Todo
v: netzob-0.4.1