Hacking: The Art of Exploitation, by Jon Erickson, is another book I am currently working through. Although it is a little old (the 2nd edition was published in 2008) I feel it still has a lot of value. The book uses an older definition for the word “hacker”. Erickson explains that a hacking is the art of creative problem solving, and the excel at it, you must completely understand the underlying system you are hacking. He gives an excellent over view of C programming and debugging, as well as a decent introduction to reading Assembly. The book really shines in its thorough explanation of buffer overflows and achieving them, following up near the end with ways to expand the ideas taught in this book.
Many people have cited this book as being a great foundation for beginners to software security, and so far, I find it hard to disagree. It you want to follow along exactly with the examples in the book, it comes with a live CD setup to give you a similar environment to work in. I have found you can still follow along outside of the live CD, but with a few tweaks to some of the examples. For instance, in Erickson’s explanation of registers, he uses the 32-bit architecture. Most computers these days use 64-bit, but the equivalent registers are pretty easy to map.
Over all, the principles taught by this book are solid, and I feel it is an excellent read if you are interested in computer security or if you are just interested in learning a little more about what your computer does when you run a program. As always, let me know if you guys find this book helpful in the comments below.
Featured Image from the cover of Hacking: The Art of Exploitation. Credit to Octopod Studios.