Cory Foy

Tuesday, March 04, 2008

Book Review: Hacking: The Art of Exploitation

The term "hackers" has been quite sensationalized in today's media. From movies depicting characters who break into electric substations using Ethereal to being able to do in-depth digital zooms and facial recognition with your cell phone, many of the so-called "hackers" are miscategorized and just flat out wrong. In Hacking: The Art of Exploitation, Jon Erickson dives deep into what makes up these hacks, working to describe not just what they are, but how they fundamentally work.

Jon certainly has his work cut out for him. As he describes during the introduction, many call themselves hackers, but have neither the technical depth nor breadth to do more than run some commands. But true hacking is really about exploration and understanding, and Jon wastes no time reminding us of this. The first chapter is a review of (or an introduction to, depending on your skill level) some very basic and foundational concepts - Control Structures, Types, Memory Segmentation, File I/O, Pointers and others. Don't let this initial chapter fool you - he may describe many of these concepts initially in pseudocode that makes any serious dev roll their eyes, but the concepts are sound and vital for understanding the rest of the book.

With the basics out of the way, we dive into actual exploitations. Jon talks about stack- and heap-based overflows, and how to use Bash and Perl to help automate these exploits. Along the way we build a program that we immediately begin tearing up, showing just how vulnerable our innocuous programs can be.

But getting a root shell locally, while interesting and useful in some situations, is not as big of a concern in today's computing environments as the next topic - networking. Following his depth and breadth approach, Jon introduces us to the fundamentals of networking - the OSI Model, Sockets and the various layers. As we dig deeper, we start understanding network sniffing, denial of service attacks, TCP/IP Hijacking, Port Scanning and then finally exploiting the simple web server we've been working on to get a root shell.

But that's only a start. With the basics, exploits and networking out of the way, we can focus on an extremely interesting topic - shellcode. Jon takes us through the world of Linux System calls, how they interact with the stack, and how you can take advantage of that to create shell-spawning, port binding and connect-back shellcode.

With a firm understanding, Jon begins wrapping up with a discussion on Countermeasures - how to do all of the above without being caught. This includes overwriting or spoofing log files, hiding no-op sleds, and other tools of the trade.

Finally, Jon takes us through some Cryptology lessons. These are as in-depth as you would find in other books, but are enough to get the job done. And the job here is serious - Password cracking and breaking Wireless encryption. Again, this isn't just a set of tools, but an education in the ways that they work, and why the exploits do what they do.

Personally, this is a book I am extremely glad to own. While some would view this as more ammunition for script kiddies, I see it as a powerful tool in the arsenal of both sysadmins and developers alike in guarding their applications and systems from these attacks, as well as understanding what to look for, how they can happen, and the mindset of those trying them out.

While this book won't make you an instant security expert, it will give you a strong foundation to understand many of the fundamental tools, protocols and systems we use on a daily basis.

Amazon Link (no referrer) : http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441

Monday, March 03, 2008

Agile FAQ is live!

Just a quick announcement that I've finally settled on a format for the Agile FAQ site. If you haven't heard about it - this site came about from two incidents. The first was a post to the XP Yahoo! mailing list from a gentleman who I felt had the concepts of agile software development just wrong. But it was difficult to point to any one place to begin to debunk some of his theories.

Shortly after, Kent Beck posted a question to the XP mailing list about what XP could learn from Scrum. My feeling was that one of Scrum's greatest strengths was that you always knew exactly what Scrum was composed of, because it was run by Ken Schwaber.

So I combined the ideas and brought on board people from across the agile world - Ken Schwaber, Alistair Cockburn, Ron Jeffries, Brian Marick, Jim Shore, Andy Hunt, Scott Ambler, Uncle Bob and many others - to let me bug them once a week to collectively answer FAQs about agile software. The first question I posed to them, What is Agile?, has already started getting replies, which I've posted to the site:

What is Agile?

It should be a fun ride. I've already written a script which stepped through the various agile mailing lists I subscribed to and extracted the questions asked there - I'm currently parsing through that and hope to begin to place those up on the site. In the meantime, if you have an area you are passionate about, or just questions you want answered, feel free to create an account and post away!