Re: [WEB SECURITY] Re: Backdoors in custom software applications

[Chris Wysopal <cwysopal () veracode com>]

Here is a paper that I wrote with Chris Eng that covers major categories of backdoors with examples.

http://www.veracode.com/images/stories/static-detection-of-backdoors-1.0.pdf

Our Blackhat presentation

http://www.veracode.com/images/stories/static-detection-of-backdoors-1.0-blackhat2007-slides.pdf

-Chris

-----Original Message-----
From: Jeremy Epstein [mailto:jeremy.j.epstein () gmail com] 
Sent: Thursday, December 16, 2010 6:10 PM
To: Sebastian Schinzel
Cc: Secure Coding; websecurity
Subject: [WEB SECURITY] Re: [SC-L] Backdoors in custom software applications

There was an interesting example in a NPS thesis about a decade ago introducing a back door into a device driver.  I 
can't remember the student's name, unfortunately.  Phil something-or-other.

On Thu, Dec 16, 2010 at 3:18 PM, Sebastian Schinzel <ssc () seecurity org> wrote:
> Hi all,
>
> I am looking for ideas how intentional backdoors in real software applications may look like.
>
> Wikipedia already provides a good list of backdoors that were found in 
> software applications: 
> http://en.wikipedia.org/wiki/Backdoor_(computing)
>
> Has anyone encountered backdoors during code audits, penetration tests, data breaches?
> Could you share some details of how the backdoor looked like? I am 
> really interested in a technical and abstract description of the backdoor (e.g. informal descriptions or pseudo-code).
> Anonymized and off-list replies are also very welcome.
>
> Thanks,
> Sebastian
> _______________________________________________
> Secure Coding mailing list (SC-L) SC-L () securecoding org List 
> information, subscriptions, etc - 
> http://krvw.com/mailman/listinfo/sc-l
> List charter available at - 
> http://www.securecoding.org/list/charter.php
> SC-L is hosted and moderated by KRvW Associates, LLC 
> (http://www.KRvW.com) as a free, non-commercial service to the software security community.
> Follow KRvW Associates on Twitter at: 
> http://twitter.com/KRvW_Associates
> _______________________________________________

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

To unsubscribe email websecurity-unsubscribe () webappsec org and reply to the confirmation email

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

WASC on Twitter
http://twitter.com/wascupdates


_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________