This much–anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee′s Entercept, Mac OS X, XP, Office 2003, and Vista Also features the first–ever published information on exploiting Cisco′s IOS, with content that has never before been explored The companion Web site features downloadable code files
The Shellcoder's Handbook
and over 1.5 million other books are available for Amazon Kindle . Learn more
| |||||||||||||||
Did you know you can trade in your old books for an Amazon.co.uk Gift Card to spend on the things you want? Visit the Books Trade-In Store for more details. Learn more. |
Book Description
Frequently Bought Together
Product details
Would you like to update product info or give feedback on images?
|
More About the Authors
Discover books, learn about writers, and more.
Product Description
From the Back Cover
The black hats have kept up with security enhancements. Have you? In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built–in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary–code execution vulnerabilities still allow attackers to run code of their choice on your system—with disastrous results. In a nutshell, this book is about code and data and what happens when the two become confused. You′ll work with the basic building blocks of security bugs—assembler, source code, the stack, the heap, and so on. You′ll experiment, explore, and understand the systems you′re running—and how to better protect them. Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco′s IOS Learn how to write customized tools to protect your systems, not just how to use ready–made ones Use a working exploit to verify your assessment when auditing a network Use proof–of–concept exploits to rate the significance of bugs in software you′re developing Assess the quality of purchased security products by performing penetration tests based on the information in this book Understand how bugs are found and how exploits work at the lowest level
About the Author
Chris Anley is a founder and director of NGSSoftware, a security software, consultancy, and research company based in London, England. He is actively involved in vulnerability research and has discovered security flaws in a wide variety of platforms including Microsoft Windows, Oracle, SQL Server, IBM DB2, Sybase ASE, MySQL, and PGP. John Heasman is the Director of Research at NGSSoftware. He is a prolific security researcher and has published many security advisories in enterprise level software. He has a particular interest in rootkits and has authored papers on malware persistence via device firmware and the BIOS. He is also a co–author of The Database Hacker’s Handbook: Defending Database Servers (Wiley 2005). Felix “FX” Linder leads SABRE Labs GmbH, a Berlin–based professional consulting company specializing in security analysis, system design creation, and verification work. Felix looks back at 18 years of programming and over a decade of computer security consulting for enterprise, carrier, and software vendor clients. This experience allows him to rapidly dive into complex systems and evaluate them from a security and robustness point of view, even in atypical scenarios and on arcane platforms. In his spare time, FX works with his friends from the Phenoelit hacking group on different topics, which have included Cisco IOS, SAP, HP printers, and RIM BlackBerry in the past. Gerardo Richarte has been doing reverse engineering and exploit development for more than 15 years non–stop. In the past 10 years he helped build the technical arm of Core Security Technologies, where he works today. His current duties include developing exploits for Core IMPACT, researching new exploitation techniques and other low–level subjects, helping other exploit writers when things get hairy, and teaching internal and external classes on assembly and exploit writing. As result of his research and as a humble thank you to the community, he has published some technical papers and open source projects, presented in a few conferences, and released part of his training material. He really enjoys solving tough problems and reverse engineering any piece of code that falls in his reach just for the fun of doing it.
Inside This Book
(Learn More)
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Explore More
Concordance
Browse Sample PagesConcordance
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
What Other Items Do Customers Buy After Viewing This Item?
Customer Reviews
Most Helpful Customer Reviews
By M. SMITH
Format:Paperback|Amazon Verified Purchase
This book is a good reference to have to hand if you are trying to write or understand shellcode. Initially it shows the basic stack overflow techniques of old, I worked through these examples using Dam Vulnerable Linux, because every other system will be well protected against these bugs. I got a bit too bogged down with trying to reverse engineer the code and understand every assembly instruction at this point, which i wouldn't recommend.
The book then goes into different operating systems and the basics of how to write shellcode for it. Covering Windows, Linux, Solaris, and OSX. This is where i got the most benefit from understanding why Windows shellcode looks and acts the way it does.
I would advise not to read this book in order but to go directly to the information that you need. It is not a step by step or a training text. Chapter 15 Establishing a Working Environment is a good place to start if you want to get a machine up and running with the relevant tools you require.
This book also helped to make assembler more interesting. Chapter 21, Binary Auditing, shows how various C and C++ statements look once they have been compiled and then decompiled.
One interesting concept briefly mentioned is by tracking advisories and bug reports you may be able to identify patterns of similar bugs or problems occurring.
The book then goes into different operating systems and the basics of how to write shellcode for it. Covering Windows, Linux, Solaris, and OSX. This is where i got the most benefit from understanding why Windows shellcode looks and acts the way it does.
I would advise not to read this book in order but to go directly to the information that you need. It is not a step by step or a training text. Chapter 15 Establishing a Working Environment is a good place to start if you want to get a machine up and running with the relevant tools you require.
This book also helped to make assembler more interesting. Chapter 21, Binary Auditing, shows how various C and C++ statements look once they have been compiled and then decompiled.
One interesting concept briefly mentioned is by tracking advisories and bug reports you may be able to identify patterns of similar bugs or problems occurring.
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com:
4.2 out of 5 stars
28 reviews
93 of 95 people found the following review helpful
4.0 out of 5 stars
Excellent material, but...
11 May 2004
By Omar A. Herrera Reyna
- Published on Amazon.com
Format:Paperback
Not for beginners as others have previously stated, you require deep knowledge of C, assembler and IA32 architecture as well as some knowledge of the Linux and Windows operating systems. If you have this then it will suffice (Even if you have not ever heard of a buffer overflow before).
What amazes me, and the reason of me not giving five stars to the book, is the enormous amount of errors in the book (no one else has talked about this on previous reviews). These go from forgetting to include memory allocation routines in some sample code and putting incorrect labels in some diagrams to talking about certain parts of code while actually showing completely different lines of code or talking about different addresses in the explanations from the ones on the sample code and program output that they talk about.
For example, on page 90 the authors wrote:
" Let's take a look at two assembly instructions that correspond to the free() routine finding the previous chunk
0x42073ff8 <_int_free+136>: mov 0xfffffff8 (%edx),%eax
0x42073ffb <_int_free+139>: sub %eax,%esi
In the first instruction (mov 0x8 (%esi), %edx), %edx is 0x80499b8, the address of..."
The instruction being referred to at the last sentence should be "mov 0xfffffff8 (%edx),%eax". "mov 0x8 (%esi), %edx" appears many lines below this paragraph, in another code sample, and it is completely unrelated to the explanation given there.
Of course, people familiar with these topics who also have a deep knowledge of the required programming languages and architectures will catch these flaws easily. The problem is that there are so many of them that it gets annoying at some point and you end asking yourself why do the editorial reviewers didn't do their job properly.
Also, I bought this book almost as soon as it went out for sale, yet as of this date (may 2004), the only material found in the web page of the book is the source code to most of the examples. Definitely much less compared to all the material that the authors promised in the book to be there (so don't expect to find more than this).
It is an excellent reference book though, and if you take the time to read the book thoroughly and make notes to fix the errors in the book you will find that even this activity is rewarding. Some might even argue that the authors put the errors there on purpose to keep script kiddies away from this knowledge, but I don't think that would be OK with a book like this which has created so much expectation. Hopefully the next edition will have all this fixed.
24 of 24 people found the following review helpful
4.0 out of 5 stars
Amazing
8 April 2004
By Elijah D
- Published on Amazon.com
Format:Paperback
I've always been facinated by the amount of work security researchers put into finding vulnerabilities. This is a very good book on software vulnerabilities. It's also very current as it examines a number of the recently widely publicized vulnerabilities. It also rightly points out the fact that Linux/Unix are not as secure as a lot of people out there would like the public to believe.
The ways to get around stack protection outlined in this book was an eye opener for me.
I thought I had very good knowledge of the material the book covers until I actually read it. It is clear that as software shops continue to plug vulnerabilties, people will continue to find new ways to exploit software.
Clearly, this book is not for the casual reader. This is essentially a book for people who have above average assembly language and c/c++ skills.
26 of 30 people found the following review helpful
5.0 out of 5 stars
Excellent security book although misleading title
21 May 2004
By AdV
- Published on Amazon.com
Format:Paperback
The title "Shellcoder's handbook" made me reluctant to even buy this book. I thought it would go about explaining exploiting stack, heap overruns, bypassing memory exploitation methods and so on in order to execute shell code: basically, a book for hacking and I didn't like that. Nonetheless, it took me a glance of the list of authors and the table of contents to realize that this book goes beyond exploitation and into core penetration testing and vulnerability discovery methods. Hopefully, like rational and ethical software security engineers will do, this book will be used more for vulnerability discovery and benign exploitation rather than malicious exploitation.
Parts 1 and 2 are a great introduction of OS internal, system calls, memory management, and in-depth analysis of security bug exploitation; thus making them relevant for part 3: "Vulnerability Discovery". Part 3 goes into great depth on how discover security bugs. No so often do we have the brightest minds in the art of software vulnerability discovery, penetration testing, or "ethical hacking" joining forces. The variety of ways to discover security bugs is what we need to learn in order to ship secure software or to successfully secure existing software applications. Great Job!
›
Go to Amazon.com to see all 28 reviews
4.2 out of 5 stars
Were these reviews helpful?
Let us know
Customer Discussions
|
This product's forum
Search Customer Discussions
|
Related forums
|
Listmania!
|
|
Look for similar items by category
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
