Hacking: The Art of Exploitation (One Off) Paperback – 11 Oct 2004
Customers Who Viewed This Item Also Viewed
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
What Other Items Do Customers Buy After Viewing This Item?
Top Customer Reviews
A few topics covered in this truly great book include:
- Writing shellcodes (polymorphic, ASCII printable etc.)
- Defeating non-exec stacks (such as in OpenBSD) by teaching how to "return into libc" as an alternative to executing shellcode.
- Various network hacks (such as network DoS vulnerabilities aswell as a multitude of port scanning techniques).
- A wide and vast overview of crytography, including breaking WEP encryption, the details of various popular ciphers, and password cracking using a few little documented techniques.
- and much, much more...
I consider "Hacking: The Art of Exploitation" to be the bible of system exploitation. Whilst other "hacking" books provide an introduction to many off-the-shelf hacking tools, "Hacking: The Art of Exploitation" teaches the true spirit of hacking and system exploitation: creative thinking. This book is a must for all of those interested in true hacking.
This book lays ground and rules to think and develop your skills outside of what you have been taught, it teaches you in a way that will let you evolve further without the book, and in no time you will be developing your own exploits, this book would be only worth for its programming side, it is that good.
It comes with a a linux distro with some tools you can use, I have decided to use my own linux distro, but further in the book, it is advised to use the one provided by the book, because, some exploits have already been patched in later distributions, and all of the exploits and tools work on the one provided by the book.
Also the package was adequate and it came in excellent condition.
Absolutely recommended, although not recommended for someone with very little computer knowledge, or someone that have never written a line of code before, if that is your case this will be very difficult to pick up.
it starts off with some common programming exploits (eg buffer overflows) and explains how they work and shows you how to execute them. This section of the book is good, although i found the need for other material to expand on what i learned here. For example aleph1's excellent tutorial Smash the Stack is a good way to supplement this. Other programming exploits explained are heap overflows, format strings and returning into libc. These are all well explained introductions, but to gain a deeper understanding it is necessary to do some more research.
There is also a good section on writing your own shellcode. Some assembly language experience is useful here and generally it is well explained and set out.
The section on network attacks is also a very good although at times it seems like he is only explaining how to use existing tools and doesn't go into the theory behind them enough, but having said that it is an excellent introduction. Topics covered here include: packet sniffing, DOS attacks, port scanning and TCP/IP hijacking.
The final section on encryption offers some good theoretical knowledge on general encryption concepts but lacks a little on the practical implications of this. However if you are really into encryption you will want to get a dedicated book on it. In the meantime this definatly severs as a good introduction.
With the nature of the topics covered the best way i found to learn was to read over a section and experiment with it. You can only learn so much from a book, but this book will give you a good knowledge base to start from. A decent knowledge of C is assumed, some assembly knowledge would be helpful but isn't strictly necessary.
This one is different, and it's definately the one to get if you are serious about the subject.
A pretty comprehensive guide on some of the low level aspects of true hacking.
It's not for the faint hearted though, it's a heavy and complicated read, and I say that with a bachelors degree in I.T and Computing.
Some exposure to C, and more than a passing exposure to ASM might well be a healthy pre-requisite, as well as an understanding of memory addressing.
If you can't read and understand source code, you will be wasting your time and money here.
Most Recent Customer Reviews
wast of money as it don't work with 64 bit machines.
The examples are for a 32 bit pc not a 64 bit pc so you cant follow the book. Read more
I only have a basic understanding of computing/programming so I found this book a little hard to read. Read morePublished 4 months ago by Amazon Customer
If you want an introduction to computer science and the real nitty-gritty details of hacking, look no further. Read morePublished 6 months ago by shred_alert