Programming Books C Java PHP Python Learn more Browse Programming Books
Sockets, Shellcode, Porting, and Coding: Reverse Engineer... and over one million other books are available for Amazon Kindle. Learn more
Qty:1
  • List Price: $54.95
  • Save: $9.17 (17%)
Only 1 left in stock (more on the way).
Ships from and sold by Amazon.com.
Gift-wrap available.
Sockets, Shellcode, Porti... has been added to your Cart
FREE Shipping on orders over $35.
Condition: Used: Very Good
Comment: There is minor wear to the cover and edges. There are no internal or external markings. There is minor wear to the cover and edges. There are marks on the for-edge.
Access codes and supplements are not guaranteed with used items.
Trade in your item
Get a $2.00
Gift Card.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals Paperback – Illustrated, April 12, 2005

ISBN-13: 079-2502900598 ISBN-10: 1597490059 Edition: 1st

Buy New
Price: $45.78
23 New from $23.70 23 Used from $3.20
Amazon Price New from Used from
Kindle
"Please retry"
Paperback, Illustrated
"Please retry"
$45.78
$23.70 $3.20
Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student

$45.78 FREE Shipping. Only 1 left in stock (more on the way). Ships from and sold by Amazon.com. Gift-wrap available.

Customers Who Bought This Item Also Bought


Editorial Reviews

About the Author

James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Preceding CSC, Foster was the Director of Research and Development for Foundstone Inc. and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. and an adjunct author at Information Security Magazine, subsequent to working as Security Research Specialist for the Department of Defense. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.1 Intrusion Detection (Syngress, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP.NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, Google Hacking for Penetration Techniques (Syngress, ISBN: 1-931836-36-1), and Sockets, Shellcode, Porting and Coding (Syngress ISBN: 1-597490-05-9).
NO_CONTENT_IN_FEATURE

Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Paperback: 700 pages
  • Publisher: Syngress; 1 edition (April 12, 2005)
  • Language: English
  • ISBN-10: 1597490059
  • ISBN-13: 978-1597490054
  • Product Dimensions: 7 x 1.6 x 9.2 inches
  • Shipping Weight: 2.1 pounds (View shipping rates and policies)
  • Average Customer Review: 3.6 out of 5 stars  See all reviews (7 customer reviews)
  • Amazon Best Sellers Rank: #1,348,062 in Books (See Top 100 in Books)

Customer Reviews

3.6 out of 5 stars
Share your thoughts with other customers

Most Helpful Customer Reviews

14 of 15 people found the following review helpful By James Lee on June 24, 2006
Format: Paperback
I purchased <u>Buffer Overflow Attacks</u>, which is also published by Syngress and co-authored by Foster, a couple of months ago. The chapters about shellcode were good and I wanted a deeper explanation. When I saw this book I thought I had found what I was looking for. Unfortunately, the chapters about shellcode are taken straight from BOA. So are the chapter about the xlockmore format string vulnerability and the section in chapter one about InlineEgg.

Additionally, the title says that this book is 'for Security Professionals.' However, the first chapter is devoted to the basics of programming; if someone is unfamiliar with a looping construct, they should not start with a book about shellcode and exploits.

All of this is not to say that <u>Sockets, Shellcode, Porting and Coding</u> is not an excellent book; it is. But with so much cut'n'pasting going on, I find myself reluctant to purchase another book with Foster on the author list.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
9 of 10 people found the following review helpful By Jeff Pike on February 7, 2006
Format: Paperback
I've had this book for about 6 months now. I've read it, and I've worked through about a third of the code samples.

This book starts of with an intro on programming languages that touches on issues relevant to C, C++, Perl, Java, C#, and others that vulnerability researchers might be interested in. The 2nd chapter on NASL (Nessus) scripting is a little sparse, but is suitable for a quick reference.

The next three chapters are devoted to BSD, Windows, and Java sockets respectively. The information provided is good enough to code working sockets in all three. The BSD code samples seem to work okay.

The next two chapters are on writing portable code and portable network programming. These are probably two of the best chapters in this book. If I ever got heavy into vulnerability coding, I'd be referring to these.

The next two chapters are on writing shellcode. These are pretty good chapters. One issue with these chapters is that the author's s-proc program doesn't quite seem to work. This is a utility that prints your shellcode in hex (-p option) or executes the code to test it (-e option). This would come in handy indeed. I have some working shellcode, but I never got it to work with s-proc -e in chapter 9. I e-mailed the author twice, but he did not respond. I subtract one star for that. Still these chapters have some cool ideas for shellcode.

There are three chapters on writing exploits. The first two are kind of a whirlwind tour of traditional exploit issues (format string, stack & heap overflows, integer bugs). The last chapter is an introductory chapter on using Metasploit and an overview of how to write exploits for the framework.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
4 of 6 people found the following review helpful By Joel Esler on March 21, 2006
Format: Paperback Verified Purchase
I personally like this book. It is not for the light of heart, and for those of you that have no idea what the term reverse engineering means. If you have a knowledge of reverse engineering, or have some experience in analyzing binaries. This is an excellent tool.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
1 of 2 people found the following review helpful By Dean Jones Jr. on August 3, 2007
Format: Paperback
I'd say that most people getting a book like this will already be involved with programming a bit. Enough to know what a socket is, how to write a program that uses sockets, etc... However, I could be wrong.

I guess what I thought was that this book was going to kind of tie everything in together such as "ok, now that you know how to write sockets, we're going to write an exploit that opens a backdoor for you!" However, either I glanced over sections too much, or it just doesn't exist. Each part of the book doesn't seem to have much of a tie in to the next part of the book. Maybe in some small ways, but not by much... To me it seems like a hodge podge book where the authors wanted to 1) Tell you about coding, 2) Teach you basic socket programming, 3) Teach you about porting, 4) Teach you about shellcode and 5) teach you about exploits. In other words, it's almost like 5 separate books that aren't meant to be pressed into a single book except for some very small references to some parts from others...

Now, this doesn't mean this is a bad book. It does teach you what it says it will. It's fairly easy to follow (minus one small error I found) and somewhat in-depth. However, I feel that there are other books that do a better job at the underlying reason why I bought this book... for shellcoding and exploit explanations.

One minor, but confusing and hard to follow error I found in this book is when they have code listings that are line numbered. They're off by a few lines each time they explain it. This is somewhat confusing even to me, but I would catch on and say "Ahh, they mean line 112 instead of 120".
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Frequently Bought Together

Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals + Writing Security Tools and Exploits + Buffer Overflow Attacks: Detect, Exploit, Prevent
Price for all three: $116.68

Buy the selected items together