Shellcoder's Programming Uncovered
Kris Kaspersky
ISBN-10: 193176946X

Product Description
How hackers, viruses, and worms attack computers from the Internet and exploit security holes in software is explained in this outline of antivirus software, patches, and firewalls that try in vain to withstand the storm of attacks. Some software's effectiveness exists only in the imaginations of its developers because they prove unable to prevent the propagation of worms, but this guide examines
where security holes come from, how to discover them, how to protect systems (both Windows and Unix), and how to do away with security holes altogether. Unpublished advanced exploits and techniques in both C and Assembly languages are included.

About the Author
Kris Kaspersky is a technical writer and the author of CD Cracking Uncovered, Code Optimization, and Hacker Disassembling Uncovered.

Download :

The ShellCoder's Handbook : - Discovering and Exploiting Security Holes, 2nd Edition


You have in your hands The Shellcoder's Handbook Second Edition: Discovering and
Exploiting Security Holes. The first edition of this volume attempted to show the
reader how security vulnerabilities are discovered and exploited, and this
edition holds fast to that same objective. If you're a skilled network auditor,
software developer, or sysadmin and you want to understand how bugs are
found and how exploits work at the lowest level, you've come to the right place.
So what's this book about? Well, the preceding quotation more or less sums
it up. This book is mostly concerned with arbitrary code execution vulnerabilities,
by which we mean bugs, that allow attackers to run code of their choice
on the target machine. This generally happens when a program interprets a
piece of data as a part of the program— part of an http "Host" header
becomes a return address, part of an email address becomes a function pointer,
and so on. The program ends up executing the data the attacker supplied with
disastrous effects. The architecture of modern processors, operating systems,
and compilers lends itself toward this kind of problem— as the good Countess
wrote, "the symbols of operation are frequently also the symbols of the
results of operations." Of course, she was writing about the difficulty of discussing
mathematics when the number "5" might also mean "raised to the
power of 5" or "the fifth element of a series," but the basic idea is the same. If
you confuse code and data, you're in a world of trouble. So, this book is about
code and data, and what happens when the two become confused.

PDF | 745 pages | 8.7 MB


Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.