Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals

Author - James C. Foster ... [Goo?] [Posters]
Author - Stuart McClure ... [Goo?] [Posters]

This Paperback Book item from Syngress was reviewed on 4-Nov-2008.

Search ISBN:1597490059 offer from Abebooks or used books from Alibris. Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals Reference Book. Classifications : All Amazon Upgrade Amazon Upgrade Custom Stores Specialty Stores Books Computers & Internet Amazon Upgrade Custom Stores Specialty Stores Books Engineering Amazon Upgrade Custom Stores Specialty Store . Click the following link to view the cover of Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals.

Related topics: All Amazon Upgrade. Amazon Upgrade. Custom Stores. Specialty Stores. Books. Amazon Upgrade. Custom Stores. Specialty Stores. Books. Engineering.

1) Paperback Book Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals by Syngress. Have the Syngress proofreaders fallen asleep on the job?

This book is so full of errors and inaccuracies that it becomes painful to read after a while. Especially the annotated examples, where the line numbers for the code listings often bear no relation to the line numbers listed in the accompanying analysis.

Makes you wonder... what else have they got wrong?

This is 2 books from Syngress I´ve got that are very poor quality. What´s going on guys?

I recommend you wait for the 2nd edition.¤

2) Paperback Book Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals by Syngress. First thing, I´d like to say this book basically requires a basic knowledge on C/C++, sockets, shellcoding, and basic exploitation techniques. It´s not an introduction for the total newbie.

Now, if you actually know the basics, this is your book. I actually learned a lot from the sockets and the code portability taught here. The shellcode part is pretty good. The only trouble I found is that, in Part I of the shellcoding section, the author uses a tool he presents to us in Part II to extract shellcode. Perhaps he wasn´t expecting us to compile and test any code yet, but rather sit down calmly and listen to some shellcoding general topics. I generally like to compile and run stuff as I read, but anyways... it wasn´t that big of a trouble ! At least the code compiles on the go and what he says makes sense !

About exploitation, the book covers stuff like buffer overflows, format strings vulnerabitilies, etc. So yeah, there´s much to be learned from it.

My general feeling is that some of the topics are presented briefly, but at least the author goes to the point. Concise, quick, and effective; no rubbish is said. What could we expect from an all in one book ? It´s definitely not going to spend 500 pages on one particular topic.

So in conclusion I´d say this is a great book. Also, if you wanna go deeper into shellcoding after reading this, I would suggest "The Shellcoder´s Handbook".¤

3) Paperback Book Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals by Syngress. I´d say that most people getting a book like this will already be involved with programming a bit. Enough to know what a socket is, how to write a program that uses sockets, etc... However, I could be wrong.

I guess what I thought was that this book was going to kind of tie everything in together such as "ok, now that you know how to write sockets, we´re going to write an exploit that opens a backdoor for you!" However, either I glanced over sections too much, or it just doesn´t exist. Each part of the book doesn´t seem to have much of a tie in to the next part of the book. Maybe in some small ways, but not by much... To me it seems like a hodge podge book where the authors wanted to 1) Tell you about coding, 2) Teach you basic socket programming, 3) Teach you about porting, 4) Teach you about shellcode and 5) teach you about exploits. In other words, it´s almost like 5 separate books that aren´t meant to be pressed into a single book except for some very small references to some parts from others...

Now, this doesn´t mean this is a bad book. It does teach you what it says it will. It´s fairly easy to follow (minus one small error I found) and somewhat in-depth. However, I feel that there are other books that do a better job at the underlying reason why I bought this book... for shellcoding and exploit explanations.

One minor, but confusing and hard to follow error I found in this book is when they have code listings that are line numbered. They´re off by a few lines each time they explain it. This is somewhat confusing even to me, but I would catch on and say "Ahh, they mean line 112 instead of 120". For instance on page 428 there is this block of code:

47 shell_addr[0] = (target->shell_addr & 0xffff0000) >> 16;
48 shell_addr[1] target->shell_addr & 0xffff;
49
50 memset(fmt_string, 0x00, sizeof(fmt_string));
51
52 for (x=17; x < target->count; x++) {
53 strcat(fmt_string, "%8x");
54 len += 8;
55 }
56
57 if (shell_addr[1] > shell_addr[0]) {

And in the analysis of the code it states:

"... On lines 49 and 50, the address where the shellcode resides is split and placed into two 16 bit intergers. The stack space is then populated in lines 54 through 57 with %08x..."

This is clearly a mistake. They´re about 2 lines off with each of those statements. This isn´t the only time this happens in the book. It´s pretty much sporadically throughout the book. So, this may get a little confusing to some or just generally annoying to others (like myself) because you have to stop, go back, scratch your head, figure out where it is they´re really talking about and then move on reluctantly.

I´d say look into "Hacking: The art of exploitation" and "The Shellcoders Handbook" if you´re getting this book to learn about buffer overflows, format string bugs, etc... and the coding, porting and socket programming don´t really apply to you. If they do, this is an overall good book, but not really the best.¤

4) Paperback Book Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals by Syngress. I purchased Buffer Overflow Attacks, which is also published by Syngress and co-authored by Foster, a couple of months ago. The chapters about shellcode were good and I wanted a deeper explanation. When I saw this book I thought I had found what I was looking for. Unfortunately, the chapters about shellcode are taken straight from BOA. So are the chapter about the xlockmore format string vulnerability and the section in chapter one about InlineEgg.

Additionally, the title says that this book is ´for Security Professionals.´ However, the first chapter is devoted to the basics of programming; if someone is unfamiliar with a looping construct, they should not start with a book about shellcode and exploits.

All of this is not to say that Sockets, Shellcode, Porting and Coding is not an excellent book; it is. But with so much cut´n´pasting going on, I find myself reluctant to purchase another book with Foster on the author list.¤

5) Paperback Book Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals by Syngress. I personally like this book. It is not for the light of heart, and for those of you that have no idea what the term reverse engineering means. If you have a knowledge of reverse engineering, or have some experience in analyzing binaries. This is an excellent tool.¤

6) Paperback Book Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals by Syngress. Elite Programming Techniques Demystified

In this groundbreaking book, best-selling author James C. Foster reveals for the first time the methods hackers use to attack and exploit the core components of operating systems and their applications. He provides working code and scripts in C/C++, Java, Perl, and NASL to detect and defend against the most dangerous attacks. The book covers in detail the five most important disciplines for security professionals and software developers: Coding, Sockets, Shellcode, Porting Applications, and Coding Security Tools.

"Read every page of this book, understand the content, and use it to your advantage."--Stuart McClure

• Download the CodeAll code lines throughout the book are numbered for easy reference and are available for download from www.syngress.com/solutions.
• Develop ShellcodeCustomize and optimize never-before-seen shellcode that can exploit almost any system.
• Port Public ExploitsFollow step-by-step instructions for porting exploits to work on Windows, Linux, UNIX, and even Macs!
• Customize Windows COM ObjectsWrap and automate pre-compiled exploits and security tools such as Nmap, netcat, and hping.
• Enhance NiktoDevelop customized code to dramatically improve the performance of the Nikto Web server scanner.
• Reverse Engineer Zero DaysLearn to reverse engineer, modify, and re-automate Zero-Day exploit code.
• Write NASL ScriptsDevelop scripts for Nessus to discover the latest vulnerabilities.
• Identify and Target VulnerabilitiesExamine case studies that reveal how attackers identify and exploit security holes.
• Master SocketsDetailed code examples demonstrate socket initialization, closing sockets, reading and writing data.

Your Solutions Membership Gives You Access to:

A comprehensive FAQ page that consolidates all of the key points of this book into an easy-to-search Web page

"From the Author" Forum where the authors post timely updates and links to related sites

The complete code listings from the book

Downloadable chapters from these best-selling books:

Buffer Overflow Attacks: Detect, Exploit, Prevent

Programmer´s Ultimate Security DeskRef

Hacking the Code: ASP.NET Web Application Security

Nessus Network Auditing

TABLE OF CONTENTS:

Security Coding

NASL Scripting

BSD Sockets

Windows Sockets (Winsock)

Java Sockets

Writing Portable Code

Portable Network Programming

Writing Shellcode (I and II)

Writing Exploits (I, II, and III)

Writing Security Components

Creating a Web Security Tool

Glossary

Security Tool Compendium

Exploit Archives

Syscall Reference

Data Conversion Reference¤

Page Updated: Robert N. Goolsby, 2-Dec-2008, 1597490059792502900598, 190-3X0-170-411-591-781-741-Q8B-8

Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals, Book, Image © Syngress

Search: Syngress, Book Posters, Book Art