Sunday, August 14, 2011
Hacking: The Art of Exploitation (Review)
Hacking is a powerful topic. People with absolutely no interest in computers can still be captivated with a story about hacking. Anyone who displays the slightest amount of technical ability will repeatedly be asked about hacking, how to hack and how to learn to hack. When I'm asked "How can I learn to hack?" I have one reply. Buy Hacking: The Art of Exploitation.
I have read both versions of Hacking: The Art of Exploitation and both times I have been surprised and impressed. The reader is first given a definition of what hacking actually is (the unintended use of laws or properties of a given situation, as Jon explains). Then they are walked through a gentle explanation of programming with non-technical real-world examples. Comparisons are made between giving driving directions to a person and how to program those same directions for a computer. This ensures that the reader is not overwhelmed when they realize they are learning to program.
Once the reader is comfortable with basic programming concepts the book gets right into the topic at hand. Simple programs are given with explanations of how each program works and why each program is insecure. This is followed by an explanation of the attack vector that will be used and then the reader is walked through coding a fully functional exploit, step by step. Most of these explanations show memory maps and debugger commands used to see how the exploits are detected and crafted.
After explaining common places to attack code, including both stack and heap-based overflows, Jon moves into networking and how computers communicate. DoS attacks, network sniffing, TCP/IP hijacking and port scanning are all covered in the networking section. The reader is then brought back to shellcode with a very low level look at how code works. By this time the reader has a fairly strong grasp of several attack vectors. Countermeasures are then discussed to explain what will prevent a hack from working, or at least being logged, and how to counter the countermeasures.
Jon brings the book to a close with one final subject, cryptography. Hybrid ciphers, password cracking and WEP cracking are all discussed here. WEP may seem a bit dated but I still don't have an issue finding a WEP network these days. The book comes with a CD containing all the source code used as well as a pre-configured Linux hacking environment (Ubuntu) that will allow the reader to test all of the exploits they have just learned. As I said, the great thing about this book is that it doesn't teach you to hack via paint by numbers, because that becomes dated quickly. Instead it teaches the reader how to look for, find and craft exploits, which is a timeless skill. If you or someone you know wants to learn to hack, this is the place to start. Well, here and Phrack.