Re: how to discover vulnerability?

["dwarkeeper" <dwarkeeper () hotmail com>]

 Download spike fuzzer from immunitysec that is one of the few automated
ways to search for overflows, use tools like RATS, FLAWFINDER,
formatstring.pl to search through source code for use of possibly vulnerable
code and last but not lease reading source code helps as well.

/DK

----- Original Message -----
From: "Ali Saifullah Khan" <ali_saifullah () hotmail com>
To: <security-basics () securityfocus com>
Sent: Friday, April 18, 2003 12:48 AM
Subject: Re: how to discover vulnerability?


> Well, there has been debate for some time now over this issue.
> most ways of writing stack/heap/buffer overflows deal with searching for
> places in the code where there are either in-efficient or non-existent
> boundary checking conditions.
>
> using snprintf() instead of printf() is an example subject which has
> undergone considerable debate for a long time. But there are several other
> theologies you may consider when attempting to exploit a loophole in an
> application. it can be the way it takes input, not necessarily how it
takes
> input. if one can structure ways to force input to the application while
not
> necessarily attempting buffer overflows, but just by the way the
programmer
> has designed the application to deal with input data, you have every
chance
> of exploiting a new loophole, the programmer may have never even thought
> about, or written code to avoid.
>
> Regards,
> Ali Saifullah Khan
>
> > ----- Original Message -----
> > From: "Quynh Nguyen Anh" <quynh () sfc keio ac jp>
> > To: <security-basics () securityfocus com>
> > Sent: Thursday, April 17, 2003 2:39 AM
> > Subject: how to discover vulnerability?
> >
> >
> > > hello,
> > >
> > > i have a question: almost every day, there are many security holes are
> > > discovered. i wonder how they can find these holes?
> > >
> > > 1. for open source softwares, they must read every source line ?
> > > 2. for closed source softwares, they must reverse engineering binary
> > code
> > ?
> > > anway, i dont know exactly how they can discover holes!
> > >
> > > your ideas on this matter?
> > >
> > > many thanks.
> > > nguyen
>
> --------------------------------------------------------------------------
> > -
> > > Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam,
> > the
> > > world's premier event for IT and network security experts.  The
two-day
> > > Training features 6 hand-on courses on May 12-13 taught by
> > professionals.
> > > The two-day Briefings on May 14-15 features 24 top speakers with no
> > vendor
> > > sales pitches.  Deadline for the best rates is April 25.  Register
today
> > to
> > > ensure your place.
> > http://www.securityfocus.com/BlackHat-security-basics
> > >
>
> --------------------------------------------------------------------------
> > --
> > >
>
> ---------------------------------------------------------------------------
> > Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
> > world's premier event for IT and network security experts.  The two-day
> > Training features 6 hand-on courses on May 12-13 taught by professionals.
> > The two-day Briefings on May 14-15 features 24 top speakers with no
vendor
> > sales pitches.  Deadline for the best rates is April 25.  Register today
to
> > ensure your place.  http://www.securityfocus.com/BlackHat-security-basics
>
> ---------------------------------------------------------------------------
-
> >
>
>
> _________________________________________________________________
> MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
> http://join.msn.com/?page=features/virus
>
>
> --------------------------------------------------------------------------
-
> Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
> world's premier event for IT and network security experts.  The two-day
> Training features 6 hand-on courses on May 12-13 taught by professionals.
> The two-day Briefings on May 14-15 features 24 top speakers with no vendor
> sales pitches.  Deadline for the best rates is April 25.  Register today
to
> ensure your place.  http://www.securityfocus.com/BlackHat-security-basics
> --------------------------------------------------------------------------
--
>

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place.  http://www.securityfocus.com/BlackHat-security-basics 
----------------------------------------------------------------------------