An Independent Plagiarism Review of How to Become the World's No. 1 Hacker

Last Updated on Sunday, 25 July 2010 18:07 Written by Brian Baskin Tuesday, 29 June 2010 01:31

I won't beat the drum regarding Mr. Gregory D Evans and his infamous security company, LIGATT Security. That topic has been covered thoroughly elsewhere, such as on Attrition.org. I was surprised at the issue of plagiarism that came up earlier this month and decided to evaluate the book myself.

Ben Rothke did an excellent job at setting up the story with his plagiarism audit on his blog.

What prompted me to do this audit was one major statement. In defense of his book, Mr. Evans spoke that "I wrote 60 percent of my book". (Source video, time marker 11:50). After reviewing Rothke's assessment again, there seems to be some grey area. In Rothke's assessment there was a total number of words copied from various other sources, but they weren't placed into the context of the total amount of content per chapter.

Here, I tried to provide that. I went page by page, paragraph by paragraph, to see where the material originated. The following chart is a complete page breakdown of various items that shows, in sequence, where material came from. I'm alleging that the material was copied from these sources, but chances are they he may have found an identical source with the same text. These are the sources that I came up with in my own research and for some there were multiple results.

For those following along at home, the page references on the left refer to the physical page in the book. To get the actual page number, subtract 30 from the reference shown here.

Want to follow along from home? The Register has a link to the full PDF of the book on their related news article.

World’s No. 1 Hacker	Source
1-4	Standard book introduction material
5-9	Gregory Evans biography
10-24	References, screenshots, bona fides
25-30	Table of Contents
31-34	Preface (The first page and few paragraphs of the second, and the last few paragraphs are by Evans - 648 words. The "top 10 cyber crimes" was copied from UltimateCentre)
35	Toolkit (Written by Evans – 156 words)
35-36	Metasploit (copied from Wikipedia)
36	Wireshark (copied from Wikipedia)
36	Snort (copied from Wikipedia)
36	Cain & Able (sic) (copied from product page)
37	BackTrack (Copied from product tutorial)
37	VistaStumbler (Copied from Softpedia)
37	Kismet (Copied from Wikipedia)
37	Aircrack-ng (Copied from Wikipedia)
38	Airodump (Copied from product page)
38	NetStumbler (Copied from Wikipedia)
38	Nmap (Copied from Wikipedia)
38-39	2.1 “I have a client…” (Copied from Hacking for Dummies)
39-42	ETHICAL HACKING AGREEMENT (Copied from SecurityFocus mailing list)
43-46	Phase 1 – Reconnaissance (Copied with slight rewording from AthenaWebSecurity PDF) – In every few sentences is a slight rearrangement of words to fool plagiarism checks. For example, PDF reads: “As an ethical hacker you must be aware of the tools and techniques that are deployed by attackers” Evan’s book reads: “As an ethnical (sic) hacker, you must be aware of the tools and techniques that attackers deploy”
46-50	“The first step…” (Copied from www.Tek-Tips.com). However, total text seems to be a copy from AuditMyPC.
50-53	Packet Sniffing (One original sentence from Evans, and rest copied from GRC.com)
53-57	2.7 (Copied from Cromwell-intl.com)
58	Blank Notes page
59-60	Account Basics (Entire chapter copied from NMRC)
61-64	Password Basics 4.1-4.9 (Copied from NMRC)
65-67	Password Basics 4.10 (Copied from Raymond.cc). Found by using Tineye on screenshots in book.
67-68	Password Basics 4.11 (Image and text copied from Raymond.cc)
68-75	“NEW SECTION PASSWORD CRACKING” (Copied from IBM.com) Some images were copied, some weren’t (defaced website, for example)
75-78	Password Basics 4.12 (Original content by Evans for intro regarding Tiger Woods and Kobe Bryant – 61 words. Rest copied from Sectools.org)
78-85	Password Basics 4.13 (Copied from GovernmentSecurity.org) Text was changed slightly to change download links to “www.ligatt.com”.
85	Password Basics 4.14 (Copied from Microsoft TechNet)
85	Original sentence by Evans at very end - 22 words.
86	Blank Notes page
87-89	Denial of Service (Entire chapter copied from NMRC)
90	Blank Notes page
91	Logging Basics (Entire chapter copied from NMRC)
92	Blank Notes page
93	Miscellaneous Basics 7.0 (First two chapters copied from NMRC, with edits made by Evans to reference his book)
93-94	Miscellaneous Basics 7.1 (Copied from TechTarget, written by Brien M. Posey) Use BugMeNot account to view article.
95-106	Miscellaneous Basics 7.2 (Copied from PacketStormSecurity.org)
106-107	Miscellaneous Basics 7.3-7.4 (Copied from NMRC)
107	Miscellaneous Basics 7.5 (Written by Evans to pitch IPSNITH program – 184 words)
107-108	Miscellaneous Basics 7.6 (Copied from Squidoo.com)
109-113	Spyware (Copied from Squidoo.com) Slight changes were made, including: Original: To purchase Flexispy, go to www.flexispysoftware.com New: To purchase Flexispy, go to www.SPOOFEM.COM.
113-114	“#3 Pick” – Here things change. The original article above listed “MobiStealth” here, but Evans changed it to Neo Call. This material was copied from HackYourLove.com
114-117	“The one product that I DO NOT…” Here it changes back to the original article two entries up. (Copied from Squidoo.com)
117	Spyware 8.1 (Copied from Squidoo.com) This text actually appears at the beginning of the article that Evans copied for the previous pages.
117	Spyware 8.2 (Found on various websites, but it’s a basic list so I’ll just label it as original by Evans – 17 words)
117	Spyware 8.3 (Found on various websites, one is Rafay Hacking Article). After the “Log Summary” line, and the following sentence, the plagiarism changes source, as shown in the next entry.
117-119	Spyware 8.3 (Rest of material copied from SpyPhoneGuy.com)
119	Spyware 8.4 (Copied, again, from Squidoo.com)
119-120	Spyware 8.5 (Copied from NMRC, and is in the wrong chapter J)
120-126	“Spyware overview” (Copied from Symantec.com)
127-129	Spyware 8.6 (Copied from Keyloggers2010.com)
129	“My Favorite” (One paragraph, appears to be originally written by Evans – 45 words)
129-132	SpectorSoft (Copied from Spectorsoft.com)
133-139	Web Browser As Attack Point 9.1-9.5 (Copied from NMRC)
139	Web Browser 9.6 (Errant, confusing paste from EthicalHacker.net)
139-154	Web Browser 9.7 (Copied from EthicalHacker.net, written by Chris Gates)
154-160	Web Browser 9.8 (Copied from dedoimedo.com)
161-168	Web Browser as Attack Tool (Entire chapter copied from NMRC)
169-174	The Basic Web Server 11.0 (Copied from NMRC)
174-175	“I am still confused about the Web server…” (Found on various sources, including SecurityBasic.blogspot.com)
175-176	“Apache Risks” (Copied from SecurityBasic.blogspot.com)
176-177	“IIS Risks” (Copied from SecurityBasic.blogspot.com)
177-178	“Exploiting IIS” (Copied from SecurityBasic.blogspot.com)
178-180	“About Unicode” (Copied from SecurityBasic.blogspot.com) Amusingly, on 180, the section ends with “, (…?)”, though the article has more material on another site (FreeHacking.net). Evans should have been more selective in his plagiarism.
181-195	Port Scanning 12.0 (Sections came from Hacking Exposed Sixth Edition, but were re-written to appear original). At least that’s what I found at first, and then I realized that someone else rewrote it and Evans just copied from him. Copied from SQLInjections.blogspot.com) And, to add salt to a wound, he misspelled http://johnny.ihackstuff.co when copying the material.
196	Port Scanning 12.1 (Copied from NMRC)
196	Port Scanning 12.2 – I know what you’re thinking. It’s just an ad for LIGATT.com so it’s original. Nope. (Copied from NMRC)
197-199	Unix Accounts (Copied from NMRC)
200	Blank Notes page
201-206	Unix Passwords (Copied from NMRC)
207-209	Unix Local Attacks (Copied from NMRC)
210	Blank Notes page
211	Unix Remote Attacks (Copied from NMRC)
212	Blank Notes page
213	Unix Logging (Copied from NMRC)
214	Blank Notes page
215-223	SQL Injection (Copied from Hackers Center) Amusingly, the last paragraph reads: “Thank you all for reading and continue to show your support to Hackers Centre”
224	Blank Notes page
225-229	Packet Sniffing 19.0 (First paragraph seemingly copied from CovertSurfer.com, rest copied from Certified Ethical Hacker Exam Prep, as shown here) Updates were made to change “Ethereal” to “Wireshark”. Any web URLs were removed. UPDATE:21July10 - Noticed on 227 (197) "You might know that my name is Michael Gregg and because I'm the author of this book..."
230	Blank Notes page
231-239	Spoofing and Hijacking (Copied likely from here, but some ultimately came from the C\|EH Official Course Material). Small changes are made, such as adding “As we discussed earlier” to the beginning of 20.1, but it’s all the same copied content.
240	Blank Notes page
241	Social Engineering 21.0 (Copied from TechTarget.com)
242-251	Social Engineering 21.1 (Copied from Certified Ethical Hacker Exam Prep, as shown here. Ultimately I believe Evans copied it from here)
252	Blank Notes page
253-285	Metasploit (I've been unable to find a public site for this material. It is very professional developed and unlike anything else in this book. I believe it’s fair to call it copied from somewhere. Unless Evans would like to come out and show he wrote it.)
286	Blank Notes page
287-303	Cracking a Wireless (sic) (The material here seems identical in structure and nature to the Metasploit material above. A public site can’t be found, but we’re calling it copied for now).
304-309	Eavesdropping on VoIP (Written by Marc-Andre Meloche, and copied from Hakin9).
310	Blank Notes page
311-312	Hacking Cell Phone Voicemails (Originally written by Evans – 634 words) Somewhat evidenced by horrendous grammar and spelling, and a sense of prose that does not flow.
313-321	How to Become a Hacker… (Originally written is hard to say here. Much was copied from LIGATT’s own website, and most is from a usage manual that is included with IPSNITCH and PORTSNITCH. However, for Evans’ sake, we’ll say it is original – 1,489 words).
322	Blank Notes page
323	Making Money as Hacker (sic) (Originally written, as evidenced by Mr. Evans’ insistent loathing of IT Managers – 382 words).
324-325	“Intelligently manage vulnerabilities” (Copied from Core-SDI.com)
326	Blank Notes page
327-333	Glossary (All terms copied from Webopedia and other online dictionary sources. 1, 2, 3, 4, 5, 6, 7, 8, 9, etc…)
334	LIGATT Graphical images
335-341	Blank Notes page
342	Back cover

You will find that many of the references are from NMRC.org, a site run by Simple Nomad. Simple Nomad developed the basic structure that Evans used to plan his table of contents, as well as originally developed the material used by Evans in his book. This was excellently written material, but is dated originally from 2000.

When all was said and done, I counted a total of 3,638 words that Evans had wrote in his own sections. This does not include rewriting of copied material. This adds up to a total of about 15 pages, once you include the numerous images and screenshots. The book has a content-page count of 303 pages. That means that Evans wrote a total of 5% of his book, and that's being generous, with the 22 images in chapter 25 alone . And the vast majority of his content was how to use products that his company sells, which could've been written by anyone on his staff.

The grey areas left are pages 253-285 and 287-303, from which a source has not been identified, but seems out of place with the rest of Evans' work. If Evans announces that he wrote this material, it would take his content up to 21%. But, until he does so, it just does not fall in line with the work he's produced in the past.

UPDATE: 29 June 2010 1927 - I had a thought last night. Going by page count alone, Evans "wrote" about 15 pages of content. However, what if we judged him based on words themselves? Original thought and not graphical imagery. I grabbed a sample page that was all text to see how much content is in a single page in his publishing style. Page 36 (6) came up to 425 words. If we work off words alone, then Evans would have written approximately it comes up to approximately 8.5 pages of content. So, almost half of what I claimed above. But, again, we need to look at things in context. The entire book was 95,547 words. That means that Evans' 3,638 words is 3.8% of the book's content.

And I may even throw Mr. Evans a very small bone here. Although he said that he wrote 60% of the book and outsourced the last 40% (which we can now see that he outsourced 95%), he may have been under the assumption that the material given to him was unique and not copied. However, if you are going to hit up Craigslist to find hackers to give you original hacking material (Source video, time marker 11:58). Find a person desperate for money and tell them to give you content on XYZ, and they'll copy it from Wikipedia. A TRUE publishing company would know better. By having ghost writers you are willingly taking credit for other people's work, and they give up their rights for a small profit. However, that also means that you take the hit if you did not properly vet and verify the material given to you. You put your name on that content; you cannot pass the buck to a ghost writer.

UPDATE: 21 July 2010 1530 - Gregory Evans recently gave a phone interview with Stock Talk 101 Radio. In this interview (time marker 6:45) he stated "I wrote the book - I did not - I put the book together, but yet, all the people who are actually saying that I plagiarized the book never read the book. They don't have copies of the book. The only thing they have is what was said by one person where this whole thing actually started and even in the book we um, we did not even discuss that this book was written by Greg or authored by Greg or any of that. I think it comes that is um a publication of Gregory Evans. It's like you know a movie and you say you have an executive producer who pays for everything. It's more like that. Because everything I paid for, all the stories and chapters except for the stuff that I actually wrote, all is in the book. And it's in there legitimately. And, again, to this day I still have yet anyone to come back and say "Greg, you stole my stuff" and contacted their attorneys and try to file a new claim. "

I'll make no response to that. You can read this article, and read his statement above, and make your own determinations.

Comments

#1 Ed Williams 2011-02-05 03:40

Excellent work Brian! I'm glad to say that I have met you.

Quote

Refresh comments list
RSS feed for comments to this post

Add comment

JComments