Dailydave mailing list archives

Exploit writing thoughts


From: dave <dave () immunityinc com>
Date: Wed, 07 Apr 2010 10:03:04 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So what exactly you are asking of someone when you ask them to write an
exploit is something I think about a lot. Usually it goes like this:

"Hi, you know that wacky technology no one who can avoid it uses,
["Java","ColdFusion","Sharepoint","etc"]? Yeah, I need you to become an
expert at it to the level where you could explain how it works to the
developers at Sun/Oracle, and then find that corner case that makes it
fail. Ideally this would happen today, right?" And at the end of maybe a
month to six months of really hard work, you (maybe) get a tiny 500 line
program that does something weird, but not too weird. Or maybe you get
nothing.

One of the hard things about exploits (especially these days) is that
you have to absorb a LOT of failure in order to get the spectacular
results that are your bread and butter. Exploit devs have huge egos by
way of necessity and are tenacious like an Overtown pitbull, so one of
the harder parts of the job is to tell them to "give up, find another one".

In other words, you have to fail fast, but not too fast. How are you
going to know which is which unless you've been there?

-dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAku8kJgACgkQtehAhL0gheqfywCeOG1e7mOv9ss5p+XrqyWA5slx
clIAmgM5pRYXTcH0Ti8alCIH2/SSyW6b
=IkDJ
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
