Hacking: The Art of Exploitation

[ant100]

Wow thank you for your reply I don't have anything against old books, it's just a while ago I was reading about php security and there were a few things I didnt understand, but when I asked about them someone said 'why are you asking that? are you reading something from 2008?' and I kind of was.. heh

I'll give it a try and see if I get lost

[cyberdrain]

Alright, good luck with it. There's too much knowledge to be gained and too little time. You have been warned

[ant100]

Alright, good luck with it. There's too much knowledge to be gained and too little time. You have been warned

haha I know! that's what I keep thinking I guess one little knowledge at a time, and eventually that's gotta take you somewhere.

[Escarii]

Hi all,

Been working my way through this book slowly over the last year and a bit. I'm new to most things IT so I've been using this book as a central point from which to orientate myself. I love this book overall - essentially everything you need to know to follow is in this book, however the content can be strangely organised - important concepts and commands buried in odd places in the text.
The examples are great though, easy to follow and all on the live CD. I bought this book a number of years ago before picking it up again recently and my copy of the CD is long lost. This presented some problems when it came to using some of the older tools or libraries but nothing I couldn't work around by following the book's advice and examining source code and manuals.
The course of the book runs roughly:
C coding, some bash and perl introductions, the 1st chapter introduces programs like a notetaker and a notesearch as well as the long final program, a game of chance. Chapter 2 covers the basics of stack and heap overflows and format string vulns, with emphasis on using gdb (gnu debugger) to follow the execution of programs and examines vulnerabilities in the programs built in chapter 1. Finally some common targets for overwrites and injecting premade shellcode. Chapter 4 is about networking, using sockets, sniffing packets, modifying live packets and network attacks like ARP spoofing and port-binding shellcode. Following on chapter 5 is an introduction to shellcode, chapter 6 focuses on building defensive countermeasures and builds an ftp deamon then follows the habbit by going on to break that deamon and covering your tracks. The last chapter is on cryptology but I havn't read it yet.
Overall a brilliant book, but I'd love to see a 3rd edition!

[whitewisdom]

Thanks for this recommendation. I'm planning to buy it as well. Do you think there's a digital version, an ebook?

[mShred]

There are definitely ebook versions that you can buy. There are also some floating around, but you ain't ever gonna have a sexy library of sophisticated books and bookshelves if you just ebookin everything.

[AnotherSavage2000]

I am new here, and I've only made it past mission 4 on the basic level. If anyone has ideas on how I could pick things up on my learning a little more quickly. Please contact me.

[Barbara123]

Hi all,

Been working my way through this book slowly over the last year and a bit. I'm new to most things IT so I've been using this book as a central point from which to orientate myself. I love this book overall - essentially everything you need to know to follow is in this book, however the content can be strangely organised - important concepts and commands buried in odd places in the text.
The examples are great though, easy to follow and all on the live CD. I bought this book a number of years ago before picking it up again recently and my copy of the CD is long lost. This presented some problems when it came to using some of the older tools or libraries but nothing I couldn't work around by following the book's advice and examining source code and manuals.
The course of the book runs roughly:
C coding, some bash and perl introductions, the 1st chapter introduces programs like a notetaker and a notesearch as well as the long final program, a game of chance. Chapter 2 covers the basics of stack and heap overflows and format string vulns, with emphasis on using gdb (gnu debugger) to follow the execution of programs and examines vulnerabilities in the programs built in chapter 1. Finally some common targets for overwrites and injecting premade shellcode. Chapter 4 is about networking, using sockets, sniffing packets, modifying live packets and network attacks like ARP spoofing and port-binding shellcode. Following on chapter 5 is an introduction to shellcode, chapter 6 focuses on building defensive countermeasures and builds an ftp deamon then follows the habbit by going on to break that deamon and covering your tracks. The last chapter is on cryptology but I havn't read it yet.
Overall a brilliant book, but I'd love to see a 3rd edition!

Thank you for your opinion!