Hacking: The Art of Exploitation, 2nd Edition

Jon Erickson

Language: English

Pages: 488

ISBN: 1593271441

Format: PDF / Kindle (mobi) / ePub

Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.

Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker's perspective.

The included LiveCD provides a complete Linux programming and debugging environment, all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to:

  • Program computers using C, assembly language, and shell scripts
  • Corrupt system memory to run arbitrary code using buffer overflows and format strings
  • Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening
  • Outsmart common security measures like nonexecutable stacks and intrusion detection systems
  • Gain access to a remote server using port-binding or connect-back shellcode, and alter a server's logging behavior to hide your presence
  • Redirect network traffic, conceal open ports, and hijack TCP connections
  • Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.

Full Expression   Shorthand   Explanation
i = i + 12        i+=12       Add some value to the variable.
i = i - 12        i-=12       Subtract some value from the variable.
i = i * 12        i*=12       Multiply some value by the variable.
i = i / 12        i/=12       Divide some value from the variable.

0x243 Comparison Operators

Variables are frequently used in the conditional statements of the previously explained control structures. These conditional statements are based on some sort of comparison. In C, these comparison operators

card numbering starts at 0.
i=0;
while(i == ace || i == pick) // Keep looping until
   i++;                      // we find a valid queen to reveal.
cards[i] = 'Q';
print_cards("Revealing a queen", cards, pick);
invalid_choice = 1;
while(invalid_choice) { // Loop until valid choice is made.
   printf("Would you like to:\n[c]hange your pick\tor\t[i]ncrease your wager?\n");
   printf("Select c or i: ");
   choice_two = '\n';
   while(choice_two == '\n') // Flush extra newlines.
      scanf("%c", &choice_two);

in this case.

Since the notesearch exploit allows an optional command-line argument to define the offset, different offsets can quickly be tested.

reader@hacking:~/booksrc $ gcc exploit_notesearch.c
reader@hacking:~/booksrc $ ./a.out 100
-------[ end of note data ]------
reader@hacking:~/booksrc $ ./a.out 200
-------[ end of note data ]------
reader@hacking:~/booksrc $

However, doing this manually is tedious and stupid. BASH also has a for loop that can be used to automate this

they are used for isn’t as important as the fact they are located on the stack and can be set from the shell. The example below sets an environment variable called MYVAR to the string test. This environment variable can be accessed by prepending a dollar sign to its name. In addition, the env command will show all the environment variables. Notice there are several default environment variables already set.

reader@hacking:~/booksrc $ export MYVAR=test
reader@hacking:~/booksrc $ echo $MYVAR
test

datafile);

Under normal conditions, the buffer allocation is located at 0x804a008, which is before the datafile allocation at 0x804a070, as the debugging output shows. The distance between these two addresses is 104 bytes.

reader@hacking:~/booksrc $ ./notetaker test
[DEBUG] buffer @ 0x804a008: 'test'
[DEBUG] datafile @ 0x804a070: '/var/notes'
[DEBUG] file descriptor is 3
Note has been saved.
reader@hacking:~/booksrc $ gdb -q
(gdb) p 0x804a070 - 0x804a008
$1 = 104
(gdb) quit
