Hacking Binary Programs and Exploit Analysis  book cover
1st Edition

Hacking Binary Programs and Exploit Analysis

  • Available for pre-order. Item will ship after January 15, 2021
ISBN 9781138197596
January 15, 2021 Forthcoming by Chapman and Hall/CRC
300 Pages 20 B/W Illustrations

SAVE ~ $15.99
was $79.95
USD $63.96

Prices & shipping based on shipping country


Book Description

This book provides the reader a dynamic educational experience focused on stack based binary exploits. It provides a guide for educators in developing course syllabi and coursework for students. The goal of this book can further the education of important security topics of binary exploits focused on the execution stack of a program. The book will feature rich text descriptions paired with end-of-chapter exercises and comprehensive live examples with a ready-made Virtual Machine image that can be used directly for instruction. Readers will also develop new skills in how to analyze programs for such vulnerabilities, and how to exploit programs to executie arbitrary code.

Table of Contents

Unit 1: Understanding the Execution Stack and Binary Programs: 1. Binary Programs and Tools of Analysis, 2. C Programming Primer, 3. Hello Assembly and Reversing, 4. Execution Stack and Return Addresses, 5. Butters and Stack Smashing; Unit 2: Shell Code and Loading Shell Code, 6. What is shell code?, 7. Writing Shell Code, smaller and smaller, 8. Shell Code Variants: Remote Shell Code, 9. Obfuscated Shell Code, 10. Egg Hunt Shell Code, 11. Using the environment, 12. Format String Attacks; Unite 3: Defenses and Subverting those Defenses, 13. Address Space Layout Randomization (ASLR), 14. Non-Executable Stack: Return to LIb C, 15. Global Offset Table, 16. Return Oriented Programming, 17. Stack Pivoting

View More



Adam J. Aviv is an assistant professor at the United States Naval Academy. He received his Ph.D from the University of Pennsylvania, and his research area is in mobile device authentication. He has worked and published on varied topics, including applied cryptography, network security, and electronic voting. He is perhaps best known for his analysis of vulnerabilities in graphical password on touch screen devices, so call "smudge attacks."