Exploiting Software: How to Break Code, reviewed by Charles Hornat; February 4, 2004
Five years ago, I was really hard pressed to find books that taught me something I did not know, and that would challenge me to understand the topic or present it in a way that made me want to learn more. Today, it seems the book market is improving greatly. And the book entitled Exploiting Software: How to Break Code is a fine example. It's another one I would recommend to my staff to read and understand. It's brilliant!
The authors kick off with some basics in the first chapter, but progress into chapter two and three discussions about attack patterns and reverse engineering. They discuss tools and approaches that I have heard of, but never seen laid out in a structured explanation. Topics include fault injectors, debuggers and disassemblers. The following chapters cover methods of exploiting server and client software and place great emphasis on how to craft malicious input and in explaining Null Pointers and pointer operations. Also looked at are Buffer Overflows and Rootkits. And for those of you who don't know Greg Hoglund's past work, visit www.rootkit.com.
[+] This is a "Should buy" book for any software developers or those interested in how and where code is weak. Add rootkits into the mix, and it's a very well written book. These authors display an uncanny perspective and prove they are subject matter experts.
[-] Now, on the other hand, I am so sick of everything being spun to hackers or attackers. This is clearly read on the back cover of the book and I quote, "Exploiting Software is loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software." I am sick of this spin. It should be re-titled: how to not write code, versus how "bad guys" will break your code. But hey, I guess it sells.