The most important thing when running a home server was security.
No matter how nicely I built the website features, once I got hit by hacking attempts coming from all directions, everything became useless.
The last time I got hacked for three days straight, I was genuinely terrified.
So I decided to study hacking.
On YouTube, people said a book called 해킹 맛보기 (“A Taste of Hacking”) was like a bible, so I bought it…
But I failed to notice that the publication date was 2015.
Eventually the book arrived, and as I opened it and saw addresses with Internet Explorer, old Chrome, and http in them, I realized something was wrong.
According to Moore’s law, semiconductor density grows exponentially (powers of 2), so a book from 10 years ago is like a book from 100–300 years ago.
It’s like saying you’ll study gravity by reading Newton’s Principia.
But it was already too late.
I figured I should just read it as quickly as possible and be content with grasping the overall flow.
1. A look at the contents
Chapter 1) A taste
The “taste” section in Chapter 1 is now so outdated that a lot of it is no longer accurate.
Still, there are things to learn.
The hacking site the author introduces, Wechall, is now old, and sites like TryHackMe and Hack The Box are said to have much higher market share.
Item | WeChall | TryHackMe | Hack The Box |
|---|---|---|---|
Main use | Rankings and collection of various war games | Beginner–intermediate security practice + learning | Real-world penetration testing + advanced practice |
Number of users | (No official figures) | ~4.5M users | Very active, popular in the industry |
Learning structure | Mainly a collection of external war-game links | Step-by-step learning courses + CTF | Focused on hands-on hacking of real systems |
Main audience | War-game fans, score competition | Beginner–intermediate security learners | Intermediate–experts and those preparing for real-world work |
The 2drunk2hack event is also gone, and hacking tools like Paros are now considered legacy.
Even so, by reading the book I learned that there are dedicated hacking tools.
Legacy tools don’t need to be mastered, so it’s enough to just think, oh, so this kind of thing exists, and move on.
Item | Paros | Burp | ZAP | mitmproxy |
|---|---|---|---|---|
Maintenance | ❌ Stopped | ✅ Active | ✅ Active | ✅ Active |
Up-to-date HTTPS support | ❌ | ✅ | ✅ | ✅ |
Use in the field | ❌ | ✅ Overwhelmingly popular | △ | △ |
Automation | ❌ | △ | △ | ✅ |
Free | ✅ | ❌ (Pro) | ✅ | ✅ |
The YouTuber I currently subscribe to, Nomaltic Place, also introduces war-game sites like OverTheWire.
The content below seems a bit more useful than Chapter 1 of this book.
Chapter 2) Web hacking
In the web hacking chapter, it starts from installing PHP and MySQL, then briefly touches on vulnerability discovery using search, file uploads, cross-site attacks, and query injection.
The Google hacking part was quite fresh: you search for vulnerabilities exposed due to the site operator’s mistakes, like below.
Purpose | Search example |
|---|---|
Exposed backup files |
|
Exposed environment variables |
|
Directory listing |
|
Log files |
|
Config files |
|
Cameras |
|
Admin pages |
|
There was also a hacking method using uploaded images.
You inject something like <img src="/board/file/shell.php> into the image tag to execute a shell.
Once, when I had left an image proxy API open on my home server, some guy planted onerror={} inside an image tag and tried to use the fetch function and some commands to download and execute a file, but I saw that he failed to obtain admin privileges.
There was also content about creating a Web Shell.
The author introduces C99, but that’s a thing of the past.
These days, lightweight, encrypted shells are used much more.
Period | Mainstream web shells | Characteristics |
|---|---|---|
2000s–2010s | C99, R57, WSO | Feature-focused, PHP-based, large and conspicuous |
Mid-2020s | China Chopper variants | Lightweight + stealth + encryption |
Recent (2024–2025) | Beima PHP webshell types and custom/encrypted shells | JSON interface, encrypted requests, C2 integration |
I’d known about query injection for a long time, but reading the book helped me get a more detailed understanding.
The important thing is that you must not trust user input.
You must ensure there’s always a validation process before anything hits the backend.
Chapter 3) Reverse engineering
Reverse engineering means taking an existing program and breaking it back down.
In simple terms, you can think of it as taking a .exe file compiled from Python using pyinstaller and turning it back into .py.
The author introduces Visual Studio Express and OllyDbg.
I put together a list of up-to-date reversing tools.
Tool | Main use | Characteristics | Platform |
|---|---|---|---|
Ghidra | Static analysis + decompilation | Powerful open-source framework with decompiler, developed by the NSA | Windows / Linux / macOS |
Radare2 | Static analysis (commands/scripting) | Completely free and open source, CLI-centric, supports diverse binaries | Windows / Linux / macOS, etc. |
x64dbg | Dynamic debugging | 32/64-bit debugger for Windows, GUI, very popular | Windows |
Frida | Runtime dynamic analysis | Enables hooking/tracing of apps/binaries while running, strong in mobile analysis | Windows / Linux / macOS / mobile |
They say you end up punching a calculator a lot during reversing, but now you can just drop things into an automation tool like Cursor and be done.
Still, once obfuscation and similar techniques come into play, human interpretation is still needed.
They say the following areas are difficult for AI to interpret.
Area | Reason |
|---|---|
Logic errors | Issues of intent |
Boundary conditions | Design judgments |
Security/reversing | Context-dependent |
Outliers | Requires intuition |
Also, the part about computer architecture and assembly language is honestly insane.
I already knew about CPU architectures from before, but it was my first time learning that the places where variables are stored, numbers are calculated, and strings are stored are all different.
Looking at addition, conditionals, and loops converted into hex in assembly made my head spin.
After that came a practical reversing section using OllyDbg.
Since it’s a program I won’t be using anyway, I just skipped straight to Chapter 4.
Chapter 4) System hacking
System hacking is another term for operating system hacking.
There’s a section on installing Python and such, but I’ll focus mainly on the vulnerabilities.
(1) Command injection vulnerabilities
Command injection can occur when a developer blindly trusts user input.
For example, suppose we have the following code:
system("ping " + user_input);If the user enters ; rm -rf /, the developer ends up executing commands they never intended.
Whenever you accept user input, you must go through a validation process.
(2) Race condition attacks
Race condition attacks target the time gap between checking the state of a shared resource and using it, in multithreaded or multi-request environments.
They exploit situations where the order between checking and using a resource becomes misaligned.
The issue is how to catch this timing.
So attackers send requests quickly, concurrently, and in large numbers to slip into the gap between operations.
For example, imagine entering an amusement park in the following order:
Staff checks the visitor’s ticket -> Door opens -> Person whose ticket was checked enters -> Door closesIf person A gets their ticket checked first, but a latecomer B slips in through the open door, that’s a race condition attack.
To prevent this, you’d need a design like this:
1. Reduce shared state
2. Guarantee atomicity -> handle checking + entering at the same time
3. Use locks around code touching shared resources so only one request is processed at a time
4. Delegate to DB/storage
5. Handle temporary/shared files safely
6. Design retries/idempotency -> ensure the same request is processed only once(3) Memory corruption attacks
I was able to understand buffer overflow attacks in a bit more detail.
I had learned about overflow before when studying arrays in C, so it was somewhat easier.
In a situation like the one below, if the user input gets too long, adjacent memory is overwritten.
char arr[3];
scanf("%s", arr);Chapter 5) Bug hunting
Among bugs, those that can cause real problems are called security vulnerabilities.
Attackers use such vulnerabilities to gain privileges or attack users.
(1) Finding vulnerabilities
There are many ways to find vulnerabilities.
Source code auditing – Analyzing the code itself line by line to find vulnerabilities
Binary auditing – Analyzing compiled binaries when the software source is unavailable
Fuzzing – Automatically generating input for the software and exploring vulnerabilities through the results
(2) Types of vulnerabilities
Memory corruption – Stack overflow, heap overflow, null pointer dereference, use-after-free
Design – Logic that fails to fully consider the security aspect
(3) Bug hunting on the web
The book describes remote code execution on Zeroboard XE, but that’s far too old, so I decided to look into React2Shell, which happened recently.
It’s one of the biggest recent vulnerabilities, allowing remote shell and command execution.
The problem is that the attack is possible even on apps created with npx create-next-app that don’t have any APIs at all.
The attack method was implemented by a GitHub user, zr0n.
And if you go to AhnLab, they have a detailed analysis of the root cause and attack method.
To summarize just the core:
In the Flight stream, some reference/record resolution goes through Promise resolution (thenable assimilation), and the attacker uses weak __proto__ validation in the : path substitution to pollute the prototype. As a result, when methods like _response._formData.get are changed into Function, later normal code paths calling get(...) are turned into string execution. The thenable plays the role of triggering this altered path automatically.
The most important step is using the magic property __proto__ to pollute the prototype.
This attack technique is called Prototype Pollution.
(4) Bug hunting in various environments
The subsequent content deals with privilege escalation bugs on Android, and remote code execution in Windows apps like GOM Player and Hangul (the Korean word processor).
Chapter 6) Digital forensics
This chapter covers the characteristics of digital data, properties needed to guarantee evidential value, types of evidence, and so on.
The book is old, and I’m not very interested in digital forensics yet, so I just skimmed through.
Chapter 7) Vulnerability markets
For vulnerability markets, the book introduces black markets, but I’ve heard they’re now almost impossible to find.
Since I have no need for how to use black markets, I’ll just replace that part with the table below.
Type | Status |
|---|---|
Public black markets | ❌ Almost extinct |
Dark web forums | ⚠️ Shrinking / disguised |
Messenger-based private deals | ✅ Active |
Ransomware ecosystem | ✅ Very active |
Bug bounty | ✅ Legal route |
State/intelligence-agency gray market | ✅ High-value deals |
2. Reading impressions
By reading the book, I was able to build a basic conceptual framework for hacking.
Hacking is the process of finding security vulnerabilities, and that process is similar to thinking about the security of a house.
You consider where and how someone can get in, and how they obtain privileges after entering.
I found it pretty fun, and I’d like to keep studying hacking consistently.
In the past, it was hard to obtain coding-related information, but now, thanks to AI and the web, it’s become something anyone can easily access.
And it seems that 10 years is an incredibly long time in the development world.
So many of the topics covered in the book have already become obsolete.
If you want to understand hacking in depth now, it seems you need to either buy a different book or use online resources.
댓글을 불러오는 중...