This chapter digs into the details of the programming mistakes that lead to exploits. If you don’t have any programming experience, you might find some of this material challenging, but most of the chapter will be accessible. The chapter does assume that you’re familiar with basic programming concepts.

This chapter is not about how to create your own exploits. There are quite enough people out there writing exploits, and there is plenty of information about how to do it. Even so, writing stable exploits that don’t blow up is difficult. Because more and more software is compiled using countermeasures such as stack tampering protection, more and more attacks that previously led to escalation of privilege are turning ...