xorl %eax, %eax

Book: The Shellcoder’s Handbook (second edition)


Despite what most people think, the second edition of this book is slightly different from the first edition. Some chapters from the first edition were removed and others were added. I will only comment on the chapters that differ from the previous release.

Title: The Shellcoder’s Handbook: Discovering and Exploiting Security Holes
Authors: Chris Anley, John Heasman, Felix “FX” Linder, Gerardo Richarte

Part I: Introduction to Exploitation: Linux on x86
Chapter 1: Before You Begin

Chapter 2: Stack Overflows

Chapter 3: Shellcode

Chapter 4: Introduction to Format String Bugs

Chapter 5: Introduction to Heap Overflows

Part II: Other Platforms – Windows, Solaris, OS/X, and Cisco
Chapter 6: The Wild World of Windows

Chapter 7: Windows Shellcode

Chapter 8: Windows Overflows

Chapter 9: Overcoming Filters

Chapter 10: Introduction to Solaris Exploitation

Chapter 11: Advanced Solaris Exploitation

Chapter 12: OS X Shellcode
This is a new chapter that deals with Mac OS X shellcoding. A good thing about it is that it has information for both Intel and PowerPC architectures and even for cross-platform shellcode.

Chapter 13: Cisco IOS Exploitation
Another very innovative chapter for a book of this kind. All the major steps, along with numerous examples, are covered: Cisco IOS essentials, vulnerabilities, reverse engineering, and both stack and heap exploitation.

Chapter 14: Protection Mechanisms
The protection mechanisms that were most common at the time the book was published are discussed here, among them the non-executable stack, W^X, ASLR and Windows SEH protections.

Part III: Vulnerability Discovery
Chapter 15: Establishing a Working Environment

Chapter 16: Fault Injection

Chapter 17: The Art of Fuzzing

Chapter 18: Source Code Auditing: Finding Vulnerabilities in C-Based Languages

Chapter 19: Instrumented Investigation: A Manual Approach

Chapter 20: Tracing for Vulnerabilities

Chapter 21: Binary Auditing: Hacking Closed Source Software

Part IV: Advanced Materials
Chapter 22: Alternative Payload Strategies

Chapter 23: Writing Exploits that Work in the Wild

Chapter 24: Attacking Database Software

Chapter 25: Unix Kernel Overflows

Chapter 26: Exploiting Unix Kernel Vulnerabilities

Chapter 27: Hacking the Windows Kernel
Another new chapter, this time on Windows kernel exploitation. It is a good read that goes through the basics of Windows kernel programming and the exploitation of stack- and heap-based buffer overflows.

So, as you can see, it is another very good book, but it lacks some important parts of the previous edition. In my opinion it is a little outdated nowadays, but it has some parts, like the Cisco IOS chapter, that are otherwise not well documented (from an exploit developer’s point of view).

Written by xorl

August 21, 2011 at 16:41

Posted in books

2 Responses


  1. Thanks for the review; there is an Errata and Notes for The Shellcoder’s Handbook (second edition)


    August 22, 2011 at 22:35

  2. The URL has to be h??p://shellcoders.blogspot.com/


    August 22, 2011 at 22:37
