|
Hacking: The Art of Exploitation
|
| List Price: | CDN$ 59.95 |
| Price: | CDN$ 37.77 & eligible for FREE Super Saver Shipping on orders over $39. Details |
Availability: Usually ships in 10 to 13 days
Ships from and sold by Amazon.ca
8 new or used available from CDN$ 25.68
Average customer review:
Product Description
A comprehensive introduction to the techniques of exploitation and creative problem-solving methods commonly referred to as "hacking." It shows how hackers exploit programs and write exploits, instead of just how to run other people's exploits. This book explains the technical aspects of hacking, including stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.
Product Details
- Amazon Sales Rank: #195953 in Books
- Published on: 2004-10-01
- Original language: English
- Binding: Paperback
- 264 pages
Editorial Reviews
About the Author
Customer Reviews
Best hacking book in the market
This book is 10 times greater than any other hacking book. It gives useful code and examples rather than 250 pages of theory. Stack and heap overflows are explained in detail as well as many other modern types of exploits. The best part of the book is that it teaches the reader how to write his/her own shellcode and teaches some basic Assembly language along the way. Everything you need to know to be a hacker or stop hackers.
Includes detailed explanations and code for:
buffer / stack / heap based overflows
format string vulnerabilities
writing shellcode
sniffing switched and unswitched networks
tcp / ip hijacking
denial of service
port scanning and tricking port scans of your own computer
password cracking
Man in the middle attacks
Wireless internet security / hacking
and more
Need to know Assembly
You have probably heard of such hacking techniques as buffer overflows. Typically, a book might give only cursory explanation, especially if it is not devoted to hacking. But suppose you write in C. Chances are you've inadvertantly created buffer overflows and then spent hours chasing this down, after your program crashed. So how on earth can a deliberate overflow lead to a breakin?
It is for such matters that Erickson expounds here. Written for you, whether you want to create such exploits or prevent them. In either case, the knowledge is the same.
What the book requires is some knowledge of C and assembly. For the latter, it is the language of the Intel x86 family. But even if you don't know it, so long as you are familiar with any assembly language and the theory of a Neumann machine, then you can follow the text.
This book is not for every programmer. It turns out that a fair number of programmers get into the field by learning a high level language like C, Fortran, Java or Pascal. But they never learn any assembly. To them, anything compiled from source is a black box. Instead, you need some background in assembly.
The book also gives neat coverage of how to sniff network traffic and manipulate it. There is a section on cryptography. But for this, it is so specialised and vital that you should consult texts dedicated to it.
Phrack for Dummies
This book is a step in the right direction, but it could be better. It seems to have a lot to say about certain topics, a little to say about others, and nothing to say about still other topics. The coverage of buffer overflows, format string exploits, and writing shellcode is excellent. But then when we get to the networking section, there are a couple of paragraphs devoted to some topics. There is no discussion of web vulnerabilities in the book. Nothing on SQL injection. Nothing on cross-site scripting. Furthermore, the Windows world is totally ignored; Linux is used exclusively in the book. Nevertheless, the book is worth it if only for its unsurpassed overflow/format string/shellcode explanations.
