YetanotherHackerNewsdigest.com
HN Theater | HN Academy | HN Books

HN Books @HNBooksMonth

The best books of Hacker News.
Rankings: week · month (mar/apr) · year (2024) · all time
digests · search

Hacker News Comments on
Hacking: The Art of Exploitation, 2nd Edition

Jon Erickson · 1 HN points · 6 HN comments
HN Books has aggregated all Hacker News stories and comments that mention "Hacking: The Art of Exploitation, 2nd Edition" by Jon Erickson.
View on Amazon [↗]
HN Books may receive an affiliate commission when you make purchases on sites after clicking through links on this page.
Amazon Summary
Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope. Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker's perspective. The included LiveCD provides a complete Linux programming and debugging environment—all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to: – Program computers using C, assembly language, and shell scripts – Corrupt system memory to run arbitrary code using buffer overflows and format strings – Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening – Outsmart common security measures like nonexecutable stacks and intrusion detection systems – Gain access to a remote server using port-binding or connect-back shellcode, and alter a server's logging behavior to hide your presence – Redirect network traffic, conceal open ports, and hijack TCP connections – Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.
HN Books Rankings

Hacker News Stories and Comments

All the comments and stories posted to Hacker News that reference this book.
>won't you just pick up the Intel reference manual and flick through it?

The Intel reference manual is incredibly bloated and dry reading. Yeah, it has literally everything you would want to know. But good luck trying to understand all of it in a reasonable amount of time.

I learned x86 while studying buffer overflows in college. We used Hacking: The Art of Exploitation which walked us through most of the core concepts really well.

https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson...

sure, this is the book: http://www.amazon.com/gp/product/1593271441/ref=oh_aui_detai...

Hacking: The Art of Exploitation, 2nd Edition

binarycrusader
There's also:

  A Guide to Kernel Exploitation: Attacking the Core
http://www.amazon.com/Guide-Kernel-Exploitation-Attacking-Co...

...if you're interested in the kernel level exploits.

disclaimer: A co-worker of mine co-authored it.

I would really suggest purchasing a good book about it. From my point of view, I would go for "Hacking: The Art of Exploitation, 2nd Edition" from Jon Erickson which goes in depth about how to crack programs using gdb and other tools. It's really a wonderful book if you want to learn more about the world of cracking in general, and it doesn't require much prior security experience.

Quick link to Amazon: http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/d...

FLUX-YOU
I've done some of this book. It's good, but you're better off knowing the basics before trying to really learn from it I think. I only knew a little C when I started, so I only got about 4 or 5 chapters after much googling before I drowned.

Learn some ASM and get familiar with gdb before attempting

bubblicious
It's definetely out there if you have only done a little C. It doesn't require any previous security knowledge though as I stated. But like you realized, it does require you to know your way around low-level programming.
Read this book, it's basically only hacking C code with assembly. http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/d... It also covers topics such as TCP sockets and the likes. If you ever want to become a real hacker it's your best starting point.

And the world was never the same again.

Nov 08, 2013 · 1 points, 1 comments · submitted by fuhrer1996
fuhrer1996
A good book that actually discusses hacking and not just a few exploits.
I'm a network security analyst. Either of these two books would be a good place to start. Also, if you are looking for a decent community for this type of thing, visit reddit.com/r/netsec.

Hacking: The Art of Exploitation, 2nd Edition

http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/d...

Hacking Exposed 7

http://www.amazon.com/Hacking-Exposed-Network-Security-Solut...

This next site is basically Youtube for security conferences. They also offer some online courses on writing exploits in assembly and python, but not all of them are free.

http://www.securitytube.net/

Computer security is just like programming, you can obtain a world class education for free, from the Internet. You just have to know where to look.

I haven't read the books that the other guys mentioned, but I've seen them recommended so often that I'd bet they're worth a read as well.

We mean hacker in the pg (http://www.paulgraham.com/gba.html) esr (http://www.catb.org/~esr/faqs/hacker-howto.html) sense of the word, namely an awesome programmer who loves learning, groks hacker culture, and self identifies as a hacker. Not a cracker. Certainly learning about computer security is part of being a good hacker, but it's not primarily what Hacker School is about.

Incidentally, have you ever read Hacking: The Art of Exploitation (http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/d...)? It's my favorite book on the subject.

cinquemb
No i haven't but ill definitely look into it since it sounds pretty cool ha
HN Books is an independent project and is not operated by Y Combinator or Amazon.com.
~ yaj@
;laksdfhjdhksalkfj more things
yahnd.com ~ Privacy Policy ~
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.