

🚀 Unlock the hacker’s playbook—code, crack, and conquer with confidence!
Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson is a highly rated, hands-on guide that teaches the fundamentals of hacking through deep understanding of assembly, C programming, networking, and cryptography. It empowers readers to write their own exploits and tools, making it a must-have for professionals seeking to master the art behind hacking rather than just using pre-built tools.





| Best Sellers Rank | #51,484 in Books; #11 in Computer Hacking; #25 in Computer Network Security; #39 in Internet & Telecommunications |
| Customer Reviews | 4.6 out of 5 stars 1,584 Reviews |
R**L
A hacking book that teaches you mindset
I've read quite a few books on hacking, many of which focus on specific technologies—such as using tools to perform reconnaissance on websites and identify potential attack targets. This book, however, takes a different approach. It starts by teaching the fundamentals of assembly and C programming, then moves on to help you identify programs vulnerable to buffer overflows. You'll learn how to write shellcode to exploit these vulnerabilities. What sets this book apart is its minimal reliance on abstractions. For instance, it teaches you how to build your own simple web server, which you can then exploit. Need to perform a SYN flood against a target? No problem—you'll write your own in C to fully understand the process. This hands-on approach will give you a solid understanding of networking. There's even a chapter dedicated to cryptography, which will deepen your knowledge in this critical area. To top it off, the book culminates in a project where you'll learn to crack WEP encryption—not with third-party tools, but by exploiting weak initialization vectors (IVs) and doing it all yourself. While some of the examples, such as the buffer overflow scenarios, may not work in real-world environments, this book is still an invaluable resource. It covers essential foundational knowledge that will serve you well on your hacking journey. There are books that quickly get outdated because they teach you how to use tools. This book is a classic. It teaches you understanding. After reading this, you’ll have a better understanding of how third-party tools work, or you can write your own!
J**N
Covers Everything. Be Warned.
I picked this book up a number of years ago when I got interested in understanding exploits. I've got experience writing code, and even some basic knowledge of networking. However, it was difficult to get past the first 3 chapters. I stopped, and started elsewhere. This book will cover everything you need to know, and while that sounds great it's not for beginners or people looking to start quickly. I recommend seeking introductory knowledge elsewhere, C, OSI, TCP/IP, operating systems etc. Penetration Testing a Hands on Guide by Georgia Weidman is a good way to get started with just getting hands on practice. Once I went back and got a grip on these concepts and had some practice the book was easier to understand and I came to appreciate it much more. It's not an easy read, and you need to have some solid understanding of the machine as a whole. After I played with buffer overflows in a VM I went back and appreciated chapter 0x200's coverage of registers and what they do. Buy this book only if you have a solid understanding of the computer as a whole, or will develop it alongside. The book will not get you started. It will definitely help you develop the understanding of why a buffer overflow script written in Python works, and how. If you want to get up and running quickly look elsewhere. But that doesn't mean it's a bad text, it's well done, insightful, and will help you understand the why of exploiting software.
J**T
This is a 'real' hacking book, not another high level concepts book
This is a 'real' hacking book, not another high level concepts book. It examines low level exploits, mostly via assembly language and C code examples. By page 21, Jon is walking the user through an object dump of a C program, by page 25 explaining the Intel assembly language. We have all heard of buffer overflow exploits, shellcodes. Jon provides detailed coding examples, teaching the reader about registers, memory locations - all in exacting, working detail. My favorite part of the book is when Jon, wanting to reduce the footprint of a sample exploit program's code, reverses a loop's order, shortening a section of code from 5 to 4 instructions! Super clever.
L**R
Find out how deep the rabbit hole really goes
The easiest way to sum up this book is simply "wow." Erickson discusses the fundamentals of exploits (hacks) on local machines and remote machines, and also hits on a bit of cryptology. The meat of the book is sandwiched by something of an inner dialogue and history of hacking, which alone are worth the cost of the book. This book is not for the layman or the faint of heart- you have to know how to write code, and you have to at least know how to read Intel x86 assembly, if not write it. It also doesn't hurt to know how programs are actually executed- beyond just double-clicking an icon- I'm talking about stacks and heaps and everything else. The second chapter is possibly the most elegant summary of programming and the C language I have ever seen, ever, but nothing beats a few years "in the trenches." So once you've refreshed your basics of programming, Erickson gets right into it, discussing buffer overflows. He builds up from the most simple concepts into more and more complicated tools- which seems to be exactly how we have arrived at modern exploits; the hackers and the anti-hackers have been co-evolving over the years. Next comes hacking remote machines, including how to cover your tracks- which I found to be some of the most devious ideas presented. If you take your time, and run some of the exploits yourself on the included CD, you will come away with an incredible knowledge of how many exploits work from their most fundamental level. If you're anything like me, you will enjoy the "hunt" of trying to counter the exploit before Erickson explains the solution. Also, if you're anything like me, you will walk away from the book shaking your head at the rut called ASCII that we've worked ourselves into. <rant> I think this is another one of those books that needs to be on a mandatory reading list for all CS bachelor's degrees. It seems to me that most of the exploits wouldn't be a problem if programmers were a bit more diligent in their coding.
strcpy() is your enemy, strncpy() is your friend. Always always ALWAYS be 100% suspicious of any input supplied from a user- check for illegal characters. Instead of if(functionThatReturnsTrue), try if(functionThatReturnsTrue == True). The list goes on and on. Computers do only what they are told, and if you leave a hole in your program that allows someone else to tell the computer what to do to save yourself the second or two it takes to hit a few more keys, well then you deserve to be hacked and summarily lose your job. Due diligence: do it- maybe then the real engineering disciplines won't be so mad when code monkeys call themselves engineers. </rant> From what I can gather, the first edition was too terse. I think the second edition was a bit long-winded at times. And there's no discussion of hacking a Windows machine. However, this is still by far the best general hacking book out there.
R**N
A Must Have For Learning Exploitation
The book opens with "The goal of this book is to share the art of hacking with everyone." That sums up exactly what the book does. For those that are interested in learning more about the exploitation side of security, this book is THE primer. Hacking goes into the mindset of the hacker when it comes to exploitation. It starts out with the terms and concepts that are required to understand all of the in-depth technical parts that come next. The book ships with a LiveCD with all of the code on it, which makes it easy to follow along with each section. The sections start out with Unix basics and move forward. Most of the programs are short and easy to follow, although there are a few 400+ line programs thrown in, which for me were harder to follow. You don't need to KNOW assembly in order to follow through with this book, however, you must have a strong enough background in computers to look up what the assembly means and be able to follow through. The only exception may be the Shellcode chapter, where the whole point is dealing with assembly tricks to remove NULL bytes in applications. Each section has strong examples and explanations, and the stack overflows, heap overflows, and format string exploits are well covered. The stack and heap overflows had awesome examples and were clear and concise. The format string section was really good, although I did reference The Shellcoder's Handbook to solidify my understanding. The book even has material on network exploitation. Before the exploitation is presented, the author goes into how the network works, how to sniff network traffic, and then finally goes into network exploitation. The background is great if you need a refresher on networking before you get to the network based exploitation. Overall, great book. It is one of my two favorites for dealing with exploitation, and it is a must have on your bookshelf if you need to deal with exploits as a sys admin, pen tester, or vulnerability researcher or hobbyist.
S**W
Regained my lost book
I had the first edition copy of this book that I studied. This second edition has a lot more knowledge and sets the mindset to have. It’s very insightful and tackles concepts in an easy-to-grasp way. The first edition had a CD in the back, but since then they have gone away with the physical disk and have a link in the back of the book to set up your VM or machine to practice the concepts in a safe environment. This is a great addition to anyone curious about computers and wanting to do a hands-on approach. I’d recommend for beginners up to advanced. It’s a handy reference and great for getting your feet wet.
P**S
Excellent!
If you have a minor knowledge of programming and really want to know some basics about how someone might go about tricking their way into a computer, this book is excellent. The author explains and re-explains basic ideas in an extremely clear way, and gives tons of examples that clearly demonstrate his points. He even tosses in a disc which will boot up your computer in an Ubuntu OS off the CD drive so you can try out the code for yourself and follow along. I love it! The disc didn't work on Vista, but it worked on an older laptop I have running XP, just to warn you. (ya ya, I went into the BIOS and changed the boot sequence, it still didn't work, had a bunch of odd errors and then just kinda froze. Even on the XP laptop, it's kinda a coin toss as to whether or not it will boot, and it sounds like it's testing the CD drive for all it's worth, but when it works it's really awesome). Anyway, despite that, I think this book is exactly what I was looking for - not too soft, just the right amount of code, and just the answers I was looking for as someone who really wants to know how hacking really works. 5 stars.
J**A
Good read if not a bit pricey.
Good read, if you want to save some cash look for used.