- Paperback: 744 pages
- Publisher: Wiley; 2 edition (August 20, 2007)
- Language: English
- ISBN-10: 047008023X
- ISBN-13: 978-0470080238
- Product Dimensions: 7 x 1.6 x 9.2 inches
- Shipping Weight: 2.4 pounds
- Average Customer Review: 48 customer reviews
- Amazon Best Sellers Rank: #79,729 in Books
The Shellcoder's Handbook: Discovering and Exploiting Security Holes 2nd Edition
From the Back Cover
The black hats have kept up with security enhancements. Have you?
In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your system—with disastrous results.
In a nutshell, this book is about code and data and what happens when the two become confused. You'll work with the basic building blocks of security bugs—assembler, source code, the stack, the heap, and so on. You'll experiment, explore, and understand the systems you're running—and how to better protect them.
- Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco's IOS
- Learn how to write customized tools to protect your systems, not just how to use ready-made ones
- Use a working exploit to verify your assessment when auditing a network
- Use proof-of-concept exploits to rate the significance of bugs in software you're developing
- Assess the quality of purchased security products by performing penetration tests based on the information in this book
- Understand how bugs are found and how exploits work at the lowest level
About the Author
Chris Anley is a founder and director of NGSSoftware, a security software, consultancy, and research company based in London, England. He is actively involved in vulnerability research and has discovered security flaws in a wide variety of platforms including Microsoft Windows, Oracle, SQL Server, IBM DB2, Sybase ASE, MySQL, and PGP.
John Heasman is the Director of Research at NGSSoftware. He is a prolific security researcher and has published many security advisories in enterprise level software. He has a particular interest in rootkits and has authored papers on malware persistence via device firmware and the BIOS. He is also a co-author of The Database Hacker’s Handbook: Defending Database Servers (Wiley 2005).
Felix “FX” Linder leads SABRE Labs GmbH, a Berlin-based professional consulting company specializing in security analysis, system design creation, and verification work. Felix looks back at 18 years of programming and over a decade of computer security consulting for enterprise, carrier, and software vendor clients. This experience allows him to rapidly dive into complex systems and evaluate them from a security and robustness point of view, even in atypical scenarios and on arcane platforms. In his spare time, FX works with his friends from the Phenoelit hacking group on different topics, which have included Cisco IOS, SAP, HP printers, and RIM BlackBerry in the past.
Gerardo Richarte has been doing reverse engineering and exploit development for more than 15 years non-stop. In the past 10 years he helped build the technical arm of Core Security Technologies, where he works today. His current duties include developing exploits for Core IMPACT, researching new exploitation techniques and other low-level subjects, helping other exploit writers when things get hairy, and teaching internal and external classes on assembly and exploit writing. As a result of his research and as a humble thank you to the community, he has published some technical papers and open source projects, presented at a few conferences, and released part of his training material. He really enjoys solving tough problems and reverse engineering any piece of code that falls in his reach just for the fun of doing it.
Top customer reviews
Saw publisher's comments - yes, formatting is fixed! Purchased book again and will start reading it.
What amazes me, and the reason for my not giving five stars to the book, is the enormous amount of errors in the book (no one else has talked about this in previous reviews). These go from forgetting to include memory allocation routines in some sample code and putting incorrect labels in some diagrams to talking about certain parts of code while actually showing completely different lines of code or talking about different addresses in the explanations from the ones in the sample code and program output that they talk about.
For example, on page 90 the authors wrote:
" Let's take a look at two assembly instructions that correspond to the free() routine finding the previous chunk
0x42073ff8 <_int_free+136>: mov 0xfffffff8 (%edx),%eax
0x42073ffb <_int_free+139>: sub %eax,%esi
In the first instruction (mov 0x8 (%esi), %edx), %edx is 0x80499b8, the address of..."
The instruction being referred to at the last sentence should be "mov 0xfffffff8 (%edx),%eax". "mov 0x8 (%esi), %edx" appears many lines below this paragraph, in another code sample, and it is completely unrelated to the explanation given there.
Of course, people familiar with these topics who also have a deep knowledge of the required programming languages and architectures will catch these flaws easily. The problem is that there are so many of them that it gets annoying at some point and you end up asking yourself why the editorial reviewers didn't do their job properly.
Also, I bought this book almost as soon as it went on sale, yet as of this date (May 2004), the only material found on the web page of the book is the source code to most of the examples. Definitely much less compared to all the material that the authors promised in the book to be there (so don't expect to find more than this).
It is an excellent reference book though, and if you take the time to read the book thoroughly and make notes to fix the errors in the book you will find that even this activity is rewarding. Some might even argue that the authors put the errors there on purpose to keep script kiddies away from this knowledge, but I don't think that would be OK with a book like this which has created so much expectation. Hopefully the next edition will have all this fixed.
IF YOU DON'T KNOW COMPUTER SCIENCE TURN BACK NOW
This book is a nonstop stream of information relating all of those concepts. And certainly the best one I've ever read.
You're not going to get fluff, opinion, editorials, introductions or appendixes for review, NOTHING. Many of the other books in this category, such as "Hacking: The Art of Exploitation" have a lot of reviews clearly by people with no background in Computer Science claiming those books are too technical. Those books are IT and networking books that have a -- nothing compared to this. The meat of what is in "Hacking: The Art of Exploitation" is covered in the first 5 chapters in this book.
In short I recommend people interested in learning about malware in depth use the following materials:
1. "Smashing The Stack For Fun And Profit" by Aleph One (aka Elias Levy).
This is a masterpiece of some basic vulnerabilities and their exploitation. A good intro to the topic and many folks may wish to stop here.
2. "Hacking: The Art of Exploitation", 2nd Ed by Jon Erickson
This moves into some excellent examples that apply the techniques of exploitation. A good way to get some "hands on" experience and put into practice the core ideas of exploitation. Just don't expect this to be geared toward modern exploits and real-world applications in 2016.
3. "The Shellcoder's Handbook: Discovering and Exploiting Security Holes" 2nd Ed. This book being reviewed.
This book is much more in depth and focuses on real-world exploits. These exploits actually work and are practical in more modern systems. If your goal is to move beyond concepts and simple examples to practical techniques that are useful, this is the book you'll need.
I hope this helps.