没有合适的资源?快使用搜索试试~ 我知道了~
首页黑客艺术:利用技术的全面教程
黑客艺术:利用技术的全面教程
需积分: 10 3 下载量 27 浏览量
更新于2024-07-21
收藏 9.16MB PDF 举报
《黑客艺术:利用的艺术》是一本经典的IT技术书籍,专注于介绍和探讨黑客技术及漏洞利用方法。这本书被誉为是黑客领域的权威指南,不仅教授如何使用已知的漏洞,还深入讲解了如何开发和创造新的攻击手段。作者Jon Erickson以其深厚的专业知识和实践经验,为读者提供了实用的代码、工具和案例分析,使得即使是初学者也能从中获益。 在第一版中,作者全面详尽地展示了黑客技术的各个方面,包括网络攻防策略、漏洞识别、系统渗透、编码技巧等,强调了理解和掌握漏洞原理的重要性,而非仅仅停留在应用层面。书中包含了大量的实际代码示例,使读者能够通过实践学习和提升技能。 评论家们对此书给予了高度评价,Phrack杂志赞誉其为最完整的黑客技术教程,认为它打破了仅仅提供现成工具的模式,而是引导读者理解这些工具背后的原理。Security Forums称它是黑客手册中的经典之作,Unix Review则特别推荐其编程部分。IEEE Cipher杂志也对作者的专业素养表示赞赏,指出书中提供的内容既实用又有深度。 对于初级黑客而言,Computer Power User(CPU)杂志称《黑客艺术》是一本充满真实代码和实用技巧的简洁指南,非常适合那些希望进入高级阶段的读者。About.com的互联网/网络安全频道更是推荐这本书,鼓励读者深入研究,以便提升到更高的网络安全水平。 第二版的《黑客艺术:利用的艺术》在2008年出版,进一步更新和完善了内容,反映了当时最新的技术和安全威胁,确保读者始终掌握前沿的黑客知识。这是一本不可多得的IT专业书籍,无论你是想要入门学习,还是希望提升黑客防范意识和技能,这本书都是不可或缺的参考资料。
资源详情
资源推荐
2 0x100
The rules for this problem are well defined and simple, yet the answer
eludes many. Like the solution to this problem (shown on the last page of
this book), hacked solutions follow the rules of the system, but they use those
rules in counterintuitive ways. This gives hackers their edge, allowing them to
solve problems in ways unimaginable for those confined to conventional
thinking and methodologies.
Since the infancy of computers, hackers have been creatively solving
problems. In the late 1950s, the MIT model railroad club was given a dona-
tion of parts, mostly old telephone equipment. The club’s members used this
equipment to rig up a complex system that allowed multiple operators to con-
trol different parts of the track by dialing in to the appropriate sections. They
called this new and inventive use of telephone equipment hacking; many
people consider this group to be the original hackers. The group moved on
to programming on punch cards and ticker tape for early computers like the
IBM 704 and the TX-0. While others were content with writing programs that
just solved problems, the early hackers were obsessed with writing programs
that solved problems well. A new program that could achieve the same result
as an existing one but used fewer punch cards was considered better, even
though it did the same thing. The key difference was how the program
achieved its results—elegance.
Being able to reduce the number of punch cards needed for a program
showed an artistic mastery over the computer. A nicely crafted table can hold
a vase just as well as a milk crate can, but one sure looks a lot better than the
other. Early hackers proved that technical problems can have artistic solu-
tions, and they thereby transformed programming from a mere engineering
task into an art form.
Like many other forms of art, hacking was often misunderstood. The few
who got it formed an informal subculture that remained intensely focused
on learning and mastering their art. They believed that information should
be free and anything that stood in the way of that freedom should be circum-
vented. Such obstructions included authority figures, the bureaucracy of
college classes, and discrimination. In a sea of graduation-driven students,
this unofficial group of hackers defied conventional goals and instead pursued
knowledge itself. This drive to continually learn and explore transcended
even the conventional boundaries drawn by discrimination, evident in the
MIT model railroad club’s acceptance of 12-year-old Peter Deutsch when
he demonstrated his knowledge of the TX-0 and his desire to learn. Age,
race, gender, appearance, academic degrees, and social status were not
primary criteria for judging another’s worth—not because of a desire for
equality, but because of a desire to advance the emerging art of hacking.
The original hackers found splendor and elegance in the conventionally
dry sciences of math and electronics. They saw programming as a form of
artistic expression and the computer as an instrument of that art. Their desire
to dissect and understand wasn’t intended to demystify artistic endeavors; it
was simply a way to achieve a greater appreciation of them. These knowledge-
driven values would eventually be called the Hacker Ethic: the appreciation
of logic as an art form and the promotion of the free flow of information,
surmounting conventional boundaries and restrictions for the simple goal of
www.it-ebooks.info
Introduction 3
better understanding the world. This is not a new cultural trend; the
Pythagoreans in ancient Greece had a similar ethic and subculture, despite
not owning computers. They saw beauty in mathematics and discovered many
core concepts in geometry. That thirst for knowledge and its beneficial by-
products would continue on through history, from the Pythagoreans to Ada
Lovelace to Alan Turing to the hackers of the MIT model railroad club.
Modern hackers like Richard Stallman and Steve Wozniak have continued
the hacking legacy, bringing us modern operating systems, programming
languages, personal computers, and many other technologies that we use
every day.
How does one distinguish between the good hackers who bring us the
wonders of technological advancement and the evil hackers who steal our
credit card numbers? The term cracker was coined to distinguish evil hackers
from the good ones. Journalists were told that crackers were supposed to be
the bad guys, while hackers were the good guys. Hackers stayed true to the
Hacker Ethic, while crackers were only interested in breaking the law and
making a quick buck. Crackers were considered to be much less talented
than the elite hackers, as they simply made use of hacker-written tools and
scripts without understanding how they worked. Cracker was meant to be the
catch-all label for anyone doing anything unscrupulous with a computer—
pirating software, defacing websites, and worst of all, not understanding what
they were doing. But very few people use this term today.
The term’s lack of popularity might be due to its confusing etymology—
cracker originally described those who crack software copyrights and reverse
engineer copy-protection schemes. Its current unpopularity might simply
result from its two ambiguous new definitions: a group of people who engage
in illegal activity with computers or people who are relatively unskilled hackers.
Few technology journalists feel compelled to use terms that most of their
readers are unfamiliar with. In contrast, most people are aware of the mystery
and skill associated with the term hacker, so for a journalist, the decision to
use the term hacker is easy. Similarly, the term script kiddie is sometimes used
to refer to crackers, but it just doesn’t have the same zing as the shadowy
hacker. There are some who will still argue that there is a distinct line between
hackers and crackers, but I believe that anyone who has the hacker spirit is a
hacker, despite any laws he or she may break.
The current laws restricting cryptography and cryptographic research
further blur the line between hackers and crackers. In 2001, Professor Edward
Felten and his research team from Princeton University were about to publish
a paper that discussed the weaknesses of various digital watermarking schemes.
This paper responded to a challenge issued by the Secure Digital Music
Initiative (SDMI) in the SDMI Public Challenge, which encouraged the
public to attempt to break these watermarking schemes. Before Felten and
his team could publish the paper, though, they were threatened by both the
SDMI Foundation and the Recording Industry Association of America (RIAA).
The Digital Millennium Copyright Act (DCMA) of 1998 makes it illegal to
discuss or provide technology that might be used to bypass industry con-
sumer controls. This same law was used against Dmitry Sklyarov, a Russian
computer programmer and hacker. He had written software to circumvent
www.it-ebooks.info
4 0x100
overly simplistic encryption in Adobe software and presented his findings at a
hacker convention in the United States. The FBI swooped in and arrested
him, leading to a lengthy legal battle. Under the law, the complexity of the
industry consumer controls doesn’t matter—it would be technically illegal to
reverse engineer or even discuss Pig Latin if it were used as an industry con-
sumer control. Who are the hackers and who are the crackers now? When
laws seem to interfere with free speech, do the good guys who speak their
minds suddenly become bad? I believe that the spirit of the hacker transcends
governmental laws, as opposed to being defined by them.
The sciences of nuclear physics and biochemistry can be used to kill,
yet they also provide us with significant scientific advancement and modern
medicine. There’s nothing good or bad about knowledge itself; morality lies
in the application of knowledge. Even if we wanted to, we couldn’t suppress
the knowledge of how to convert matter into energy or stop the continued
technological progress of society. In the same way, the hacker spirit can
never be stopped, nor can it be easily categorized or dissected. Hackers will
constantly be pushing the limits of knowledge and acceptable behavior,
forcing us to explore further and further.
Part of this drive results in an ultimately beneficial co-evolution of
security through competition between attacking hackers and defending
hackers. Just as the speedy gazelle adapted from being chased by the cheetah,
and the cheetah became even faster from chasing the gazelle, the competi-
tion between hackers provides computer users with better and stronger
security, as well as more complex and sophisticated attack techniques. The
introduction and progression of intrusion detection systems (IDSs) is a prime
example of this co-evolutionary process. The defending hackers create IDSs
to add to their arsenal, while the attacking hackers develop IDS-evasion
techniques, which are eventually compensated for in bigger and better IDS
products. The net result of this interaction is positive, as it produces smarter
people, improved security, more stable software, inventive problem-solving
techniques, and even a new economy.
The intent of this book is to teach you about the true spirit of hacking.
We will look at various hacker techniques, from the past to the present,
dissecting them to learn how and why they work. Included with this book is
abootable LiveCD containing all the source code used herein as well as a
preconfigured Linux environment. Exploration and innovation are critical
to the art of hacking, so this CD will let you follow along and experiment on
your own. The only requirement is an x86 processor, which is used by all
Microsoft Windows machines and the newer Macintosh computers—just
insert the CD and reboot. This alternate Linux environment will not disturb
your existing OS, so when you’re done, just reboot again and remove the CD.
This way, you will gain a hands-on understanding and appreciation for hacking
that may inspire you to improve upon existing techniques or even to invent
new ones. Hopefully, this book will stimulate the curious hacker nature in you
and prompt you to contribute to the art of hacking in some way, regardless of
which side of the fence you choose to be on.
www.it-ebooks.info
0x200
PROGRAMMING
Hacker is a term for both those who write code and
those who exploit it. Even though these two groups of
hackers have different end goals, both groups use similar
problem-solving techniques. Since an understanding
of programming helps those who exploit, and an under-
standing of exploitation helps those who program, many
hackers do both. There are interesting hacks found in both the techniques
used to write elegant code and the techniques used to exploit programs.
Hacking is really just the act of finding a clever and counterintuitive
solution to a problem.
The hacks found in program exploits usually use the rules of the
computer to bypass security in ways never intended. Programming hacks are
similar in that they also use the rules of the computer in new and inventive
ways, but the final goal is efficiency or smaller source code, not necessarily a
security compromise. There are actually an infinite number of programs that
www.it-ebooks.info
6 0x200
can be written to accomplish any given task, but most of these solutions are
unnecessarily large, complex, and sloppy. The few solutions that remain
are small, efficient, and neat. Programs that have these qualities are said to
have elegance, and the clever and inventive solutions that tend to lead to
this efficiency are called hacks. Hackers on both sides of programming
appreciate both the beauty of elegant code and the ingenuity of clever hacks.
In the business world, more importance is placed on churning out func-
tional code than on achieving clever hacks and elegance. Because of the
tremendous exponential growth of computational power and memory,
spending an extra five hours to create a slightly faster and more memory-
efficient piece of code just doesn’t make business sense when dealing with
modern computers that have gigahertz of processing cycles and gigabytes of
memory. While time and memory optimizations go without notice by all but
the most sophisticated of users, a new feature is marketable. When the
bottom line is money, spending time on clever hacks for optimization just
doesn’t make sense.
True appreciation of programming elegance is left for the hackers:
computer hobbyists whose end goal isn’t to make a profit but to squeeze
every possible bit of functionality out of their old Commodore 64s, exploit
writers who need to write tiny and amazing pieces of code to slip through
narrow security cracks, and anyone else who appreciates the pursuit and the
challenge of finding the best possible solution. These are the people who get
excited about programming and really appreciate the beauty of an elegant
piece of code or the ingenuity of a clever hack. Since an understanding of
programming is a prerequisite to understanding how programs can be
exploited, programming is a natural starting point.
0x210 What Is Programming?
Programming is a very natural and intuitive concept. A program is nothing
more than a series of statements written in a specific language. Programs are
everywhere, and even the technophobes of the world use programs every day.
Driving directions, cooking recipes, football plays, and DNA are all types of
programs. A typical program for driving directions might look something
like this:
Start out down Main Street headed east. Continue on Main Street until you see
a church on your right. If the street is blocked because of construction, turn
right there at 15th Street, turn left on Pine Street, and then turn right on
16th Street. Otherwise, you can just continue and make a right on 16th Street.
Continue on 16th Street, and turn left onto Destination Road. Drive straight
down Destination Road for 5 miles, and then you'll see the house on the right.
The address is 743 Destination Road.
Anyone who knows English can understand and follow these driving
directions, since they’re written in English. Granted, they’re not eloquent,
but each instruction is clear and easy to understand, at least for someone
who reads English.
www.it-ebooks.info
剩余491页未读,继续阅读
shuishoudage
- 粉丝: 0
- 资源: 1
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- C++标准程序库:权威指南
- Java解惑:奇数判断误区与改进方法
- C++编程必读:20种设计模式详解与实战
- LM3S8962微控制器数据手册
- 51单片机C语言实战教程:从入门到精通
- Spring3.0权威指南:JavaEE6实战
- Win32多线程程序设计详解
- Lucene2.9.1开发全攻略:从环境配置到索引创建
- 内存虚拟硬盘技术:提升电脑速度的秘密武器
- Java操作数据库:保存与显示图片到数据库及页面
- ISO14001:2004环境管理体系要求详解
- ShopExV4.8二次开发详解
- 企业形象与产品推广一站式网站建设技术方案揭秘
- Shopex二次开发:触发器与控制器重定向技术详解
- FPGA开发实战指南:创新设计与进阶技巧
- ShopExV4.8二次开发入门:解决升级问题与功能扩展
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功