further reading


Hacking: The Art of Exploitation

by jon erickson. second edition published in 2008

summary

The book covers common exploits against applications on the Linux operating system, currently the most widely used system from servers to watches. While the book is a bit dated and most programmers are now more aware of these types of exploits, they are easy mistakes to make and as such can still arise in modern software. It covers exploits in the C programming language and the Linux network stack.


top five learnings

  1. There are 5 OSI layers to the network stack, each one more specialized than the last
  2. You can write to arbitrary addresses in memory by abusing the C standard library printf function, specifically the %n parameter
  3. There are multiple standards for web communication: TCP, which is for standard IP transfer, and UDP, which is minimal and can be extended if need be (used a lot in online games)
  4. You can intercept TCP packets using standard libc socket functions, and you might even be able to find some hidden info (although not as often now because encrypted transfer protocols are becoming more standard)
  5. Executable formats can be decompiled and examined in a variety of ways, using debuggers, disassemblers, etc.


Outsider Content

CTF

some hacking practice

Serious Cryptography

a really neat book about cryptography (math but cool)

Temporal Junctions

a paper about urban exploration