Vulnerability Development mailing list archives
Re: Techniques for Vulnerability discovery
From: LS <hydrax () netvision net il>
Date: Sat, 06 Apr 2002 00:05:05 +0200
Hi all (corrected for the lists..),

How about applying reverse engineering techniques in order to discover potential security holes? The most obvious example would be to try and find a buffer overflow in a Windows application (these are mostly closed source.. heh). A good place to start would be a disassembly, looking for any kind of buffer assignments, or any type of function call that handles strings, etc. If you find lots of them, in what appears to be code that handles input, that might be worth a deeper look.

Of course, it's not always easy to tell what a certain piece of code does, or if it's even relevant to what you're trying to achieve (i.e. buffer overflow through some user input), but it might work out pretty well. Debuggers and disassemblers might prove really handy in situations like these (of course, other analysis tools might prove useful too, especially under Windows).

"LS"
Eli
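An added example, not part of the original post: a small audit script that applies the triage described above to a disassembly listing, ranking functions that call unbounded string routines and putting those that also read input first. The listing layout (objdump -d --no-show-raw-insn), the function names in the sample, and the RISKY and INPUT sets are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Unbounded copy/format routines and common input sources (illustrative, not exhaustive).
RISKY = {"strcpy", "strcat", "sprintf", "vsprintf", "gets", "lstrcpyA", "lstrcatA"}
INPUT = {"recv", "recvfrom", "read", "fgets", "ReadFile"}

FUNC_RE = re.compile(r"^[0-9a-f]+ <([^>]+)>:\s*$")          # "0000000000401136 <name>:"
CALL_RE = re.compile(r"^\s*([0-9a-f]+):.*\bcall\w*\s.*<([A-Za-z_]\w*)")

# Constructed listing in objdump layout; it does not come from a real binary.
SAMPLE = """\
0000000000401136 <parse_request>:
  401136:   push   %rbp
  40114a:   call   401030 <recv@plt>
  40115c:   call   401020 <strcpy@plt>
  401171:   call   401040 <sprintf@plt>
  401177:   ret
0000000000401178 <log_banner>:
  40117c:   call   401040 <sprintf@plt>
  401182:   ret
0000000000401183 <checksum>:
  401187:   call   401050 <memcmp@plt>
  40118d:   ret
"""

def triage(listing):
    """Return [(function, [(addr, callee), ...], reads_input)], best review leads first."""
    risky, reads_input, current = defaultdict(list), set(), None
    for line in listing.splitlines():
        header = FUNC_RE.match(line)
        if header:
            current = header.group(1)
            continue
        call = CALL_RE.match(line)
        if call is None or current is None:
            continue
        addr, target = call.groups()          # "strcpy@plt" is captured as "strcpy"
        if target in RISKY:
            risky[current].append((addr, target))
        elif target in INPUT:
            reads_input.add(current)
    rows = [(fn, calls, fn in reads_input) for fn, calls in risky.items()]
    # Functions that also read input come first, then by number of risky calls.
    rows.sort(key=lambda r: (not r[2], -len(r[1]), r[0]))
    return rows

if __name__ == "__main__":
    for fn, calls, has_input in triage(SAMPLE):
        print(f"{fn}: {len(calls)} risky call(s), reads input: {has_input}, sites: {calls}")
```

Each row is a lead for manual review rather than a finding: whether a given call can overflow still depends on the buffer sizes and the data reaching it, which is where the debugger work mentioned in the post comes in.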