Book Review -- Hacking: The Art of Exploitation, 2nd Edition

By Sandra Henry-Stocker, ITworld.com

Hacking: The Art of Exploitation, 2nd Edition (Jon Erickson, No Starch Press, 2008) is an intense, thorough and extremely well written book that can take you from basic hacking concepts to building your own security code in a surprisingly short time. It is probably the best book to read if you want a thorough understanding of various hacking techniques, especially if you know enough about programming to put some of what you learn into practice -- not for hacking, I would hope, but to use the same skills for vulnerability testing and the same knowledge for protecting your network.

The book consistently provides clear, yet detailed, explanations. In its eight chapters, it lays a groundwork for understanding the basic methods of hacking (identifying and exploiting weaknesses in deployed code) and follows through with details on how specific flaws lead to specific attacks. The author also presents very useful countermeasures -- those that detect exploits and those that deflect them.

Chapter 1, Introduction, sets the expectations for the rest of the book. It introduces the complex, low-level workings of computers in a way that most high-level users are likely to find quite illuminating.

Chapter 2 focuses on programming. Some of this early material may seem more detailed than necessary for those who have been programming for a long time, but it doesn't insult the reader by being too introductory. By the end of the chapter, the reader is already getting his feet wet with sample code and a solid expectation of what the following chapters on methods and means will provide.

Chapter 3 might be said to be the real meat of the text. It introduces all types of hacking exploits, from stack and heap buffer overflows to denial of service attacks, TCP/IP hijacking, port scanning and more. If these are vague concepts to you, they certainly will no longer be once you have finished this book.

Chapter 4 addresses network-related attacks. It starts with basic explanations of OSI layers, sockets and such and then carries through with how network concepts lead to hacking exploits.

Chapters 5 through 7 cover shellcode (the payload in the exploitation of a particular vulnerability), countermeasures and cryptography.

Chapter 8 wraps up the wide and detailed scope of the book with some fundamental take-home messages.

I found the approach of the book, starting with basic explanations of flaws and exploits, moving through programming and then centering on specific exploitation techniques, to be very effective. Some older exploits (like the ping of death) might no longer be cause for concern, but the historical implications of flaws once exploited and eventually thwarted may help the reader to understand how systems and firewalls have evolved as a result. The dissections of hacking techniques are nothing short of excellent.

You can learn such things as how to corrupt system memory and run arbitrary code via buffer overflows and format strings. You will see how to go about outsmarting common security measures used with intrusion detection systems. You will learn how to use a debugger to read processor registers and memory contents. You might even learn to crack certain encryption protocols. Whether you are a sysadmin or a programmer, you are likely to leave this book with a renewed sense of the importance of defensive coding techniques.

The book includes a LiveCD -- a complete Linux programming and debugging environment that you can run without modifying your working operating system. This means you can actually debug code, overflow buffers, hijack network connections, get around protections set up to trip you up, exploit cryptographic weaknesses and devise your own hacking tools if you feel like experimenting.

At nearly twice the size of the first edition, this book is a bargain and a must-have for anyone who wants to understand the ins and outs of hacking.

Just as the day that I locked myself out of my house put me in an altogether different mindset regarding its penetrability, this book will dramatically change your view of system security.
