Monday, 9 May 2011

THE ART OF EXPLOITATION


You have probably heard of such hacking techniques as buffer overflows. Typically, a book might give only cursory explanation, especially if it is not devoted to hacking. But suppose you write in C. Chances are you've inadvertantly created buffer overflows and then spent hours chasing this down, after your program crashed. So how on earth can a deliberate overflow lead to a breakin?
It is for such matters that Erickson expounds here. Written for you, whether you want to create such exploits or prevent them. In either case, the knowledge is the same.
What the book requires is some knowledge of C and assembly. For the latter, it is the language of the Intel x86 family. But even if you don't know it, so long as you are familiar with any assembly language and the theory of a Neumann machine, then you can follow the text.


This book is not for every programmer. It turns out that a fair number of programmers get into the field by learning a high level language like C, Fortran, Java or Pascal. But they never learn any assembly. To them, anything compiled from source is a black box. Instead, you need some background in assembly.
The book also gives neat coverage of how to sniff network traffic and manipulate it. There is a section on cryptography. But for this, it is so specialised and vital that you should consult texts dedicated to it.

0 comments:

Post a Comment