xorl %eax, %eax

Book: Hacker Disassembling Uncovered (second edition)

with 9 comments

About a year ago I saw that book in a friend’s car, after spending a couple of minutes with it I found it quite interesting, especially to someone like me that doesn’t have much experience on Windows. So, I bought it and I had it in my library for quite some until. A few days before CCC I decide to have a look at it and now I’ve finished reading it for first time. :)



Title: Hacker Disassembling Uncovered: Powerful Techniques To Safeguard Your Programming
Author: Kris Kaspersky

So, the book is great if you don’t have much experience on reversing. It deals with all the essential concepts for both user and kernel space and makes references even to non-Windows platforms and file formats such as ELF. Kris Kaspersky is an amazing reverser and the book is written in an really simple manner from a reader’s point of view. The main disadvantage is the massive use of external resources (articles, books, links etc.) for further research and that in some cases the author focuses on specific tools instead of giving the overall idea, however, I don’t know if this could be avoided. Each chapter deals with both theory and practice even though I think that it’s more of practical/technical book since it contains numerous examples and in some cases, even on real world applications (such the introductory example of cracking WinRAR in chapter 6).
Furthermore, the book (second edition) was published on 2007 but almost everything discussed in it is still applicable in many situations. In my opinion, the average reverser will find new knowledge in that book even though I believe that it’s more appropriate for people that are just entering the magic world of reverse engineering but have a good grasp of C, x86 assembly and essential operating system design and software development issues. Also, because of the countless external resources provided you can easily continue your research in a subject you’re interested in really easily since you have a starting to point to begin with your research.
I’m not sure if this book has much to offer on professional reversers but it deals with so many subjects that I believe it would have something for those too. To conclude, an excellent reversing book which doesn’t focus on a specific area but it covers all of the common techniques and issues that a reverser could face. I loved the way it was written because it was extremely easy to follow, perfect for the average coders but don’t expect to find any amazingly advanced reverse engineering stuff in it.

Written by xorl

January 2, 2010 at 19:11

Posted in books

9 Responses

Subscribe to comments with RSS.

  1. Could you post the Table of Contents of this book? I’m from india and unfortunately 2nd edition is not printed here. :( I’m desperately waiting to read the 2nd edition.

    claws

    May 7, 2010 at 13:05

  2. Could you post the Table of Contents of 2nd edition of this book? I’m from India and unfortunately 2nd edition is not printed here. :( I’m desperately waiting to read the 2nd edition.

    claws

    May 7, 2010 at 13:07

  3. Can you upload it please ? I’m from southamerica and these books are really hard to find (not to mention how expensive they are) and I think that nowdays it’s hard to find anywhere =( :sad:.
    Also, I have a question for you, I’m a begginer, do you think that this book is a better intro to the subject than Eldad Eilam’s book? or Eilam’s its better ?. I was thinking to read this first because to me it seems more BEGGINER than SECRETS, and then move to SECRETS.

    P.S: Also I do not have background on ASM , but I read on amazon that with this book you can learn (not everything but enough to “get it” and move to other material) along the way, contrary to this REVERSING reviewers claim that the book is self-contained but at the same time they say that’s for people with brackground in C and x86

    Greetings !.

    Sebastian

    August 14, 2010 at 23:24

  4. Here you are:
    Chapter 1: Getting Started with Hacking Tools
    Chapter 2: Hacking Tools for UNIX
    Chapter 3: Emulating Debuggers and Emulators
    Chapter 4: Introduction to Assemblers
    Chapter 5: Getting Acquainted with the Basic Hacking Techniques
    Chapter 6: Warming Up
    Chapter 7: Getting Acquainted with Application Debugging
    Chapter 8: Specific Features of Debugging under UNIX and Linux
    Chapter 9: Basics of Kernel Debugging with Lince
    Chapter 10: Advanced Debugging Topics
    Chapter 11: Disassembling 32-bit PE Files
    Chapter 12: Disassembling ELF Files under Linux and BSD
    Chapter 13: Disassembling in x86-64 Architecture
    Chapter 14: Disassembling and Hacking Linux Kernels
    Chapter 15: Advanced Patching Techniques
    Chapter 16: Disassembling Files of Other Formats
    Chapter 17: Playing Hide-and-Seek under Windows
    Chapter 18: Overcoming Packers
    Chapter 19: Overcoming Code Obfuscation
    Chapter 20: Overcoming Packers in Linux and BSD
    Chapter 21: Debugging and Disassembling Malware

    xorl

    September 13, 2010 at 16:54

  5. @Sebastian: I don’t have it as an ebook but you could find it somewhere online.
    If you don’t have any asm knowledge then K. Kaspersky’s book is not a wise choice since it requires at least basic knowledge of the assembly language for x86 architecture. I haven’t read “Reversing: Secrets of Reverse Engineering” yet so I have no clue about it. :(

    xorl

    September 13, 2010 at 16:59

  6. @Sebastian:

    I’ve read both the books “Reversing: Secrets of Reverse Engineering” & “Hacker Disassembling Uncovered”. former is a more diverse in nature and lacks in depth but its THE BEST in giving overview and it does a good job in filling the gap between the academic courses and real world. Hacker Disassembling on the other hand is excellent in DEPTH and is very specific. So, both are best at what they are. If you are a beginner I suggest you to go through “Reversing: Secrets of Reverse Engineering” first

    claws

    September 13, 2010 at 17:23

  7. @xorl

    are you sure these are the contents of “Hacker Disassembling Uncovered (second edition)”?

    Because these are no close to the 1st edition. I’m glad I purchased 1st edition. 2nd edition also looks good. IMO 2nd edition should be called HDU-part1 and 1st edition should be called HDU-part2.

    They are completely different.

    claws

    September 13, 2010 at 17:38

  8. @claws: Yeap, I wrote them based on the hardcopy edition of the book that I’ve here with me.
    Thanks for the info though, I’ll have a look at the first edition as soon as possible. :)

    xorl

    September 13, 2010 at 17:43

  9. @claws

    Thanks for the advice, I’ll approach it that way !

    @xorl

    You can easily find the first edition, 2nd edition is hard to find even in print , I think that there is only 1 book at the amazon marketplace for US 600. =S.
    In general, altough claws informed that the 1st edition and the 2nd seems entirely different, my interest on the second edition come from “disassembling x86-64” because it is not covered in any other book, nor Eilam’s nor HDU 1st ed.

    Best regards !.

    Sebastian

    July 25, 2011 at 23:23


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s