Customer Reviews

Hacker Disassembling Uncovered: Powerful Techniques To Safeguard Your Programming

5 star:		(10)
4 star:		(4)
3 star:		(2)
2 star:		(1)
1 star:		(0)

 

 

I really can't complain about the quality of this book because it is information that until now had to be gathered from dark corners of the web and by immersing yourself in hacker communities and obtaining "zines" and newsletters which were online one day and disappeared the next. Hackers out there NEED more books like this that document reverse engineering.

The information itself, while extremely valuable, is very hard to follow (steep learning curve here) but that is not entirely the fault of the presentation, which is actually pretty good. This is just a tough subject. Disassembly is an art, it takes quite a bit of guesswork and experience in recognizing patterns. This book gives you a headstart on that, and is a great place to start learning the craft. I don't know why but he recommends some pretty outdated tools, like a DOS hex editor Hiew which I don't care for.

The book is presented as if it is one of those "uncovered"/"exposed"/"revealed" books that must sell so well. In truth, this book is of only marginal use to someone trying to defend against disassemblers. It makes gestures towards being about "safeguarding your programming" but very little of the book is devoted to that (the last 40 pages of a 580 page book). And, I really wish the book had incorporated a discussion of the executable file format and its different pieces and parts (for this I recommend the article by Matt Pietrek titled "An In-Depth Look into the Win32 Portable Executable File Format" available somewhere online) but that was glossed over.

That said, if you are doing (Intel x86) disassembly, GET this book, it is a must-have. I hope to see a second edition of this someday.

I thought this was a pretty good book. First, to the 'reviewer' (in quotes since he didnt read the book beyond the very beginning) -- very little of the book makes any use of softice. The tool mostly used is Interactive Disassembler (a commercial tool available from datarescue) but any disassembler will do.

The book is about the code typically generated by compilers of various forms (mostly c and c++, some pascal as well). If you want to understand the disassembly, you must grok what Christina Cifuentes calls idioms (instruction sequences that have an effect different than the usual intended meaning).

This book is very much a collection of idioms. It's a good primer to the art of reverse engineering, and maybe readers can move on to general decompilation papers for further study, starting with "Reverse Compilation Techniques" by Ciguentes, and moving on to more modern papers.

First the good news: Very few books give a total picture of assembler code. Usually they are text books, but this is a real hands on book to learn lot of assembler structures. How does a programs laid out(executible file format), what library functions get statically linked, and how they are resolved, how does relocation works, how does loader loads etc., etc. You would find a long lasting knowledge from this book. IF YOU ARE A SYSTEM AND/OR KERNEL MODE PROGRAMMER, IT IS A MUST. But need to go thru the exercises...

Bad news is that it seems like the examples are not tried out with MS visual studio 6.0. You will find the code generation is different, due to some inline library code (ie, strcmp() and others). It does have other mistakes in the programming, as well as in the text. Stack based code execution at the end of the book does not seem to do its job.

But still it is an excellent book to read and go thru those examples to become fairly fluent with large assembler codes, and their working. WHEN THE INFORMATION BASE IS HUGE, LOOK FOR STRUCTURE, AVOID THE DETAIL UNTIL NEEDED, this is precisely this book follows. Nothing could be worse than ignorance, so go grab one !!!

While I agree with all many of the other reviewers here, I have to profess that I thought many of the main topic areas really weren't consistent with hacking. The author takes great pains to write in terms of the circumvention of copy protection mechanisms such as passwords and serial numbers. While I will admit the author demostrates an exceptional knowledge of assembly code and debugging, it would have been nice if he covered a more diverse set of examples. Regardless, taking this book for what it's worth, I would say if you read closely and experiment with the recommended tools you'll take away a far greater understanding of assembly code and the debugging process.

I bought this book without my knowledge of the author. Its a quick read and spends the majority of the time explaining how to find programming structs in compiled code. Its aimed at windows and visual c++, and IDA Pro. With out much trouble I was able to follow along with linux, gcc, and objdump. If you are intrested in this subject, this book is a must.

Copy protection schemes are to software as locks are to doors: they keep honest people out. This book provides the first insight into the science of disassembling object code for the reader who has been disinclined to search for hacker web sites and zines.

With a topic this large, the author can be forgiven for presenting only a limited set of examples: C, C++, Pascal on Windows. He shows how to use commercial tools to disassemble object code into assembler and how to identify program structures there, with particular emphasis on language features that produce non-intuitive structures.

Topics covered include: cracking passwords, identifying key structures in high level languages (the bulk of the book) and how to make your code difficult to analyse using these methods.

The structures examined include IF-THEN-ELSE, SWITCH-CASE-BREAK, objects, structures, arrays, constants, offsets and variables. The reader is shown how to recognise these objects. Explanations are complete and involve no handwaving.

A good solid introductory text.

The best part about this book is that besides all of the neat tricks it gives you, the layout is step-by-step. You can sit down with it using the CD and go through each exercise. I have recommended this book to all of my friends/co-workers that are either learning how to protect software they write to how to identify vulnerabilities in other programs. Knowing assembly helps, but this also presents it in a way that you can learn as you go.

I give the author credit for a decent intro to disassembly, but it's a difficult path with this book. Expensive tools are assumed to be available (no reference is made to free alternatives), and less than subtle remarks about using these tools to make commercial software "free".

Later chapters do get more in-depth, and more useful.

Excellent book from debugging point of view. Especially "Identifying Key Structures of High-Level Languages" section.

This book is mostly how-to reverse engineer, and precious little about how to safeguard against it. Sure you could work out your own techniques to frustrate the reversing used in this book, but the author provides few suggestions of his own.

The book is therefore misleadingly titled. If you want a book to reverse engineer, this is it. If you want a book for how to safeguard against it, look elsewhere.