Yesterday I blogged about reprinted material in Syngress' "new" Writing Security Tools and Exploits. A commment on that post made me take another look at this book in light of other books by James Foster already published by Syngress. Here is what I found.
- Chapter 3, "Exploits: Stack" is the same as Chapter 5, "Stack Overflows" in Buffer Overflow Attacks, published several months ago.
- Chapter 4, "Exploits: Heap" is the same as Chapter 6, "Heap Corruption" in Buffer.
- Chapter 5, "Exploits: Format String" is the same as Chapter 7, "Format String Attacks" in Buffer.
- Chapter 6, "Writing Exploits I" is the same as Chapter 10, "Writing Exploits I" in Sockets, Shellcode, Porting, and Coding, another Syngress book by Foster published several months ago.
- Chapter 7, "Writing Exploits II" is the same as Chapter 11, "Writing Exploits II" in Sockets.
- Chapter 8, "Coding for Ethereal" appears to be Chapters 11, "Capture File Formats", and 12, "Protocol Dissectors", from Nessus, Snort, and Ethereal Power Tools.
- Chapter 9, "Coding for Nessus" is the same as Chapter 2, "NASL Scripting" in Sockets and Chapter 9 in Penetration Tester's Open Source Toolkit.
- Appendix A, "Data Conversion Reference" is the same as Appendix A in Buffer.
- Appendix B, "Syscall Reference" is the same as Appendix B in Buffer and Appendix D in Sockets.
At the end of the day this 12 chapter Writing book offers only Chapters 1, 2, 10, 11, and 12 as new material.
I decided to next take a look at Sockets, Shellcode, Porting, and Coding to see what material it may have duplicated. Here is what I found.
- Chapter 8, "Writing Shellcode I" appears the same as Chapter 2, "Understanding Shellcode" in the previously published Buffer Overflow Attacks.
- Chapter 9, "Writing shellcode II" appears the same as Chapter 3, "Writing Shellcode" in Buffer.
- Several of the case studies appear to be duplicates of material from Buffer, like "xlockmore User-Supplied Format String Vulnerability", "X11R6 4.2 XLOCALEDIR Overflow", and "OpenSSL SSLv2 Malformed Client Key Remote Buffer".
I guess it's easier to be "authored in over fifteen books" when your material is recycled.
0 komentar:
Posting Komentar