Sign in to follow this  
Followers 0
Aghaster

Hacking: The Art of Exploitation

13 posts in this topic

Hi,

I've just noticed that the 2nd edition of Hacking: The Art of Exploitation was out, so I ordered it from amazon.ca ($35 CAN). I was wondering, does anybody already own the book? What are you comments? Here is what No Starch says about the differences between the first and second edition:

So you're wondering if it's worth buying the second edition of Hacking: The Art of Exploitation when you already own the first one. Here are some of the major differences in the new version:

* The book has doubled in size from 200 to 450+ pages

* More hands-on examples

* Expanded introduction to fundamental programming concepts for beginners

* The Networking chapter is expanded

* New chapters on shellcoding and evading security countermeasures

* Linux LiveCD included

0

Share this post


Link to post
Share on other sites
* More hands-on examples

Yes and the live CD that comes with the book provides the preconfigured enviorment to run all the examples in the book.

0

Share this post


Link to post
Share on other sites

I own a copy. The book is alright but honestly I've recommend the shellcoder's handbook over it and if you have the shellcoder's handbook you don't really need it. The problem with the book is that it's not focused enough for the length of it and really it doesn't do an amazing job of covering any of the topics that it covers. I would have preferred them to just cover the stack, heap, and off by one errors and focused more on them rather than having the whole C primer and doing networking and encryption.

0

Share this post


Link to post
Share on other sites
The book is alright but honestly I've recommend the shellcoder's handbook over it

There is no comparison between "Hacking: The Art of Exploitation" and "Shellcoders handbook", the former is for begineers only whereas the latter covers everything there is about shellcodeing.

0

Share this post


Link to post
Share on other sites
The book is alright but honestly I've recommend the shellcoder's handbook over it

There is no comparison between "Hacking: The Art of Exploitation" and "Shellcoders handbook", the former is for begineers only whereas the latter covers everything there is about shellcodeing.

I think that was his cryptic way of saying "he should learn code and figure it out for himself."

Question: It is not in bookstores yet? Normally when I new tech book comes out I just flip through it in the store to see if I actually want to pay money for the thing or just absorb the knowledge from it's pages.

0

Share this post


Link to post
Share on other sites

I got a copy yesterday and i've read a couple pages and it seems like a good book to set you on the right path. But honestly, you need to be able to choose the right way to go from it. I am going to start learning python soon.

Its a pretty good book.

0

Share this post


Link to post
Share on other sites

The book has been out for at least a month or so so it should be in bookstores unless they don't order those books :)

0

Share this post


Link to post
Share on other sites

I picked up my copy at SCALE in February at the no starch con price. If you can have extra money lying around it's not really a bad read, but I'd say pick up a copy of the shellcoder's handbook over it. However to really get anything useful out of the shellcoder's handbook you'll already have to be fairly familiar with ia32 assembly and have some knowledge of C (which honestly you should anyway if you are interested in the subject).

0

Share this post


Link to post
Share on other sites

Hum... you're tempting me with the Shellcoder's Handbook, it seems that most people who have read Hacking: The Art of Exploitation recommend it. I think I'll order it.

EDIT: I've ordered it. I'll receive both books soon :)

Edited by Aghaster
0

Share this post


Link to post
Share on other sites

I bought the first edition just before the second came out, its ok, i've only browsed through it a bit and it seems ok. I've also got the Shellcoders Handbook 2nd edition, its pretty nice was expecting something less thick but i guess its ok like that. To be honest i haven't had time to sit down and go through the books as i've been very busy with exams; but i'll still recommend both.

Edited by codar
0

Share this post


Link to post
Share on other sites

Yeah, I got the shell coder's book and i dunno but alot of other ones, I only read about 60% of em' yeah i know thats bad....

Oh, but now i do want to see if i can find the AOE 2nd edition in the local book store...hmmmm

I prefer Johnny Long's books much more thou, after seeing and meeting him in person; oh and listening first hand with him being interviewed for a podcast...

Don't get me wrong i buy books right, but i luv to get em for free, like looking for books on irc, or torrent sites, newsgroups, etc... :ninja:

0

Share this post


Link to post
Share on other sites

While taking a look at the Shellcoder's Handbook on Amazon, I came across this spinoff book that looks like it could be promising:

The Web Application Hacker's Handbook

Has anyone heard of this? It looks like it's gotten good reviews, and it's an interesting alternative to those of us that don't know the assembly language required for understanding the Shellcoder's Handbook.

0

Share this post


Link to post
Share on other sites

If anyone cares, I got The Web Application Hacker's Handbook and it's definitely worth a read. Although a portion of the book has some pretty common-sense stuff, much of it is surprisingly deep, to the point where it makes you re-evaluate seemingly trivial things like SQL injection and XSS. In particular are very well-written, detailed chapters on attacking session management and access controls. I also liked how the SQL injection chapter really went into the different intricacies of SQL dialects, such as slight syntax differences, functions, variables, error messages, and hacks.

I believe there's an e-book if anyone's interested.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0