Saturday, 24 December 2005

Reprinting Security Tools and Exploits

Yesterday I blogged about reprinted material in Syngress' "new" Writing Security Tools and Exploits. A comment on that post made me take another look at this book in light of other books by James Foster already published by Syngress. Here is what I found.


  • Chapter 3, "Exploits: Stack" is the same as Chapter 5, "Stack Overflows" in Buffer Overflow Attacks, published several months ago.

  • Chapter 4, "Exploits: Heap" is the same as Chapter 6, "Heap Corruption" in Buffer.

  • Chapter 5, "Exploits: Format String" is the same as Chapter 7, "Format String Attacks" in Buffer.

  • Chapter 6, "Writing Exploits I" is the same as Chapter 10, "Writing Exploits I" in Sockets, Shellcode, Porting, and Coding, another Syngress book by Foster published several months ago.

  • Chapter 7, "Writing Exploits II" is the same as Chapter 11, "Writing Exploits II" in Sockets.

  • Chapter 8, "Coding for Ethereal" appears to be Chapters 11, "Capture File Formats", and 12, "Protocol Dissectors", from Nessus, Snort, and Ethereal Power Tools.

  • Chapter 9, "Coding for Nessus" is the same as Chapter 2, "NASL Scripting" in Sockets and Chapter 9 in Penetration Tester's Open Source Toolkit.

  • Appendix A, "Data Conversion Reference" is the same as Appendix A in Buffer.

  • Appendix B, "Syscall Reference" is the same as Appendix B in Buffer and Appendix D in Sockets.


At the end of the day this 12-chapter Writing book offers only Chapters 1, 2, 10, 11, and 12 as new material.

I decided to next take a look at Sockets, Shellcode, Porting, and Coding to see what material it may have duplicated. Here is what I found.

  • Chapter 8, "Writing Shellcode I" appears the same as Chapter 2, "Understanding Shellcode" in the previously published Buffer Overflow Attacks.

  • Chapter 9, "Writing shellcode II" appears the same as Chapter 3, "Writing Shellcode" in Buffer.

  • Several of the case studies appear to be duplicates of material from Buffer, like "xlockmore User-Supplied Format String Vulnerability", "X11R6 4.2 XLOCALEDIR Overflow", and "OpenSSL SSLv2 Malformed Client Key Remote Buffer".


I guess it's easier to be "authored in over fifteen books" when your material is recycled.
