• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Buffer Overflow books???

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Programming and More

View previous topic :: View next topic  
Author Message
kohai
Just Arrived
Just Arrived


Joined: 27 Aug 2003
Posts: 2
Location: New Brunswick - Canada

Offline

PostPosted: Fri Mar 12, 2004 9:36 pm    Post subject: Buffer Overflow books??? Reply with quote

Hi everyone i was just wondering if anyone here has herd of any buffer overflow books?
If not anyone read any good programming books lately? IF not any have any suggestions on assembly language books.
Back to top
View user's profile Send private message MSN Messenger
grinler
Just Arrived
Just Arrived


Joined: 08 Aug 2003
Posts: 0


Offline

PostPosted: Fri Mar 12, 2004 10:27 pm    Post subject: Reply with quote

There is a new book out that goes over buffer overflows and other scenerios like that. I personally have not picked it up yet, but it looks interesting. THe book is called: Exploiting Software : How to Break Code by Greg Hoglund (Author), Gary McGraw (Author).

There is also a tutorial called "Smashing the stack for fun and profit" that can be found all over the web that goes into good detail about BOF attacks. It can be found here http://www.insecure.org/stf/smashstack.txt.

Hope that helps.
[/url]
Back to top
View user's profile Send private message Visit poster's website
Seeker
Just Arrived
Just Arrived


Joined: 29 Jun 2003
Posts: 1


Offline

PostPosted: Sat Mar 13, 2004 12:10 am    Post subject: Reply with quote

There is also a book out called "Hacking: The Art of Exploitation" by Jon Erickson. The reviews have been mixed. Best to make up your own mind about it. But I know there is an excellent review on this site that may help. Url: http://www.security-forums.com/forum/viewtopic.php?t=10568
Back to top
View user's profile Send private message
Dunceor
Just Arrived
Just Arrived


Joined: 05 Sep 2003
Posts: 4
Location: Sweden

Offline

PostPosted: Sat Mar 13, 2004 10:14 am    Post subject: Reply with quote

I have ordered both Hacking - The Art of Exploition and How To Break Code, they are both good books but if you want buffer overflows and how to code exploits I suggest you only order Jon Ericksons book (hacking - the art of exploition).

There is a new book that is due for 22 march that I have ordered that looks good:
The Shellcoder's Handbook : Discovering and Exploiting Security Holes
http://www.amazon.com/exec/obidos/tg/detail/-/0764544683/002-7759482-1800050?%5Fencoding=UTF8
Back to top
View user's profile Send private message Visit poster's website
Zarnick
Just Arrived
Just Arrived


Joined: 27 Mar 2003
Posts: 1
Location: Brazil

Offline

PostPosted: Wed Mar 17, 2004 1:17 am    Post subject: Reply with quote

Dunceor wrote:
I have ordered both Hacking - The Art of Exploition and How To Break Code, they are both good books but if you want buffer overflows and how to code exploits I suggest you only order Jon Ericksons book (hacking - the art of exploition).

There is a new book that is due for 22 march that I have ordered that looks good:
The Shellcoder's Handbook : Discovering and Exploiting Security Holes
http://www.amazon.com/exec/obidos/tg/detail/-/0764544683/002-7759482-1800050?%5Fencoding=UTF8


My copy of Hacking - The Art of exploitation have just arived yesterday, and I can tell you for the little I've read, it is a excelent exploitation coding book, it tells you the theory bout memory, and where the heck are your functions, and then it present you with exemples and more exemples on how to explore some vulnerabilities.
If you do like hard work, and hard coding, then this book will be a great book for you.

I'm holding my finger on this Shellcode book, when it launches, a copy will be mine.
hehe
Twisted Evil Twisted Evil Twisted Evil Twisted Evil
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
Dunceor
Just Arrived
Just Arrived


Joined: 05 Sep 2003
Posts: 4
Location: Sweden

Offline

PostPosted: Wed Mar 17, 2004 8:57 am    Post subject: Reply with quote

They have changed it to 29th march now, I want my copy!!! Sad
Back to top
View user's profile Send private message Visit poster's website
Zarnick
Just Arrived
Just Arrived


Joined: 27 Mar 2003
Posts: 1
Location: Brazil

Offline

PostPosted: Thu Mar 18, 2004 1:58 am    Post subject: Reply with quote

Dunceor wrote:
They have changed it to 29th march now, I want my copy!!! Sad


Well, I still need the money...so I gues.....whatever..hehe....I will buy it....but maybe not now..hehe
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
nullptr
Just Arrived
Just Arrived


Joined: 18 Feb 2004
Posts: 0


Offline

PostPosted: Thu May 20, 2004 5:56 pm    Post subject: Reply with quote

Have anyone read this shellcoder's handbook yet?

If so, any chance there will be a review on this site?

I'm looking into maybe getting it soon, but I'll probably get "hacking: art of exploitation" as well...
Back to top
View user's profile Send private message
Dunceor
Just Arrived
Just Arrived


Joined: 05 Sep 2003
Posts: 4
Location: Sweden

Offline

PostPosted: Thu May 20, 2004 6:00 pm    Post subject: Reply with quote

Nullptr: Yes I got the shellcoders handbook and it's a really great book.
I can't write an official SFDC book review but I'm writing on my own that is gonna be posted on my own site when it's done (in a few weeks).

I recommend you not to buy Hacking - The Art of Exploitaiton if you are gonna buy the Shellcoders Handbook since they cover the same stuff except that Shellcoders handbook covers it better and more indepth.

Shellcoders handbook got it all when it comes to writing exploits and vulnerability testing, stack/heap for linux, windows, solaris, tru64 and kernel overflows, fuzzy testing, u name it...
Back to top
View user's profile Send private message Visit poster's website
nullptr
Just Arrived
Just Arrived


Joined: 18 Feb 2004
Posts: 0


Offline

PostPosted: Thu May 20, 2004 6:20 pm    Post subject: Reply with quote

Thanks man, that was fast ;D

I'll order this book as soon as I get x86 asm down a little better.
Back to top
View user's profile Send private message
union
Just Arrived
Just Arrived


Joined: 16 Mar 2003
Posts: 1
Location: Slovenia

Offline

PostPosted: Fri May 21, 2004 1:18 pm    Post subject: Reply with quote

I can only second Dunceors opinion, i have bought shellcoders handbook and so far it has great stuff in it. What i like about it is that its not trying to be for everyone book but is strait to the point advanced level book.

I havent read Hacking the art of Exploitation so i cant compare the two.


The best intro to buffer overflows or Unexpected input in general that i have read would have to be in book Hackproofing your network 2ed

HTH
Union
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Programming and More All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register