Saturday, December 24, 2005

Reprinting Security Tools and Exploits

Yesterday I blogged about reprinted material in Syngress' "new" Writing Security Tools and Exploits. A comment on that post made me take another look at this book in light of other books by James Foster already published by Syngress. Here is what I found.

  • Chapter 3, "Exploits: Stack" is the same as Chapter 5, "Stack Overflows" in Buffer Overflow Attacks, published several months ago.

  • Chapter 4, "Exploits: Heap" is the same as Chapter 6, "Heap Corruption" in Buffer.

  • Chapter 5, "Exploits: Format String" is the same as Chapter 7, "Format String Attacks" in Buffer.

  • Chapter 6, "Writing Exploits I" is the same as Chapter 10, "Writing Exploits I" in Sockets, Shellcode, Porting, and Coding, another Syngress book by Foster published several months ago.

  • Chapter 7, "Writing Exploits II" is the same as Chapter 11, "Writing Exploits II" in Sockets.

  • Chapter 8, "Coding for Ethereal" appears to be Chapters 11, "Capture File Formats", and 12, "Protocol Dissectors", from Nessus, Snort, and Ethereal Power Tools.

  • Chapter 9, "Coding for Nessus" is the same as Chapter 2, "NASL Scripting" in Sockets and Chapter 9 in Penetration Tester's Open Source Toolkit.

  • Appendix A, "Data Conversion Reference" is the same as Appendix A in Buffer.

  • Appendix B, "Syscall Reference" is the same as Appendix B in Buffer and Appendix D in Sockets.


At the end of the day this 12-chapter Writing book offers only Chapters 1, 2, 10, 11, and 12 as new material.

I decided to next take a look at Sockets, Shellcode, Porting, and Coding to see what material it may have duplicated. Here is what I found.

  • Chapter 8, "Writing Shellcode I" appears the same as Chapter 2, "Understanding Shellcode" in the previously published Buffer Overflow Attacks.

  • Chapter 9, "Writing shellcode II" appears the same as Chapter 3, "Writing Shellcode" in Buffer.

  • Several of the case studies appear to be duplicates of material from Buffer, like "xlockmore User-Supplied Format String Vulnerability", "X11R6 4.2 XLOCALEDIR Overflow", and "OpenSSL SSLv2 Malformed Client Key Remote Buffer".


I guess it's easier to be "authored in over fifteen books" when your material is recycled.

12 comments:

Anonymous said...

Couldn't agree with you more, he has used other authors' material without even asking for their permission.

Anonymous said...

This should be also put on Amazon as a first review.

Richard Bejtlich said...

Bold Anonymous, can you provide an example?

chris walsh said...

Not sure if one can "search inside" Syngress titles @Amazon, but it would be interesting to harness that ability to take a broader look at the extent to which they recycle content.

Somebody also should drop Peter Salus a line about this.

Anonymous said...

This is disappointing, to say the least. ...very disappointing. I truly hope Syngress explains this.

-LonerVamp

chuck said...

Richard,

Great find. I always wondered how Syngress was putting out so many books in such little time. I had always questioned the quality (in some of their books) but now I'll have to question a little more. I've been lucky enough to re-purchase parts of one book within another to date, but I'll be sure to double check that from now on.

Again, another great find. By the way, I just purchased your book at the local Borders and plan on reading it at the start of the New Year!

Thanks again for a great year full of excellent content and look forward to what you'll do in the future.

Sincerely,
Chuck

Anonymous said...

Thanks RB.

I have to say, this does blow chunks! I have been looking forward to the Pen Testers Tool Kit book for a long time and was hoping it to be a good book to read and learn from. Now it looks not too good.

geek00L said...

Apparently this is unforgivable. Syngress should have already known this before publishing the new book with old contents. Don't they know it will be discovered eventually, especially by people who are reading their books? I guess no one would tolerate this since they think the reader is stupid. Anyway, thanks to Richard for the great findings and Merry Xmas :]

Albert Gonzalez said...

That is disappointing. I mean, it's not uncommon to recycle certain parts of the book, but so many chapters? They need to look at the content instead of just publishing. And then they wonder why people use pirated copies of books.

Anonymous said...

The book content was used without the permission of the actual authors - shame on Foster for screwing over people who trusted him and making a somewhat crappy publisher that much worse.

Piqous.Kerberos said...

I have been writing to apply for a refund from Syngress already.

Anonymous said...

piquos bro ... u need not apply for a refund if you used ebooks like me. They're free and they're out as soon as their hardcopy comes up. I am not rich enough to buy books, so I google for it :))

Cheers
Vx