Dailydave mailing list archives
RE: Bugfun!
From: "Thor Larholm" <thor () pivx com>
Date: Thu, 22 Apr 2004 16:12:43 -0700
The more lists the merrier :) Posting code or disassemblies without revealing the source seems like an exercise in obfuscation. If the list got renowned for having analyzed critical vulnerabilities in key components of network or kernel code I can easily imagine myself and others making tools to take that partial code or disassembly and search for its footprint in a library of source code, binaries and running processes. Is it a source code snippet? I'll grep my source library. Is it a disassembly? I'll check running processes on my network before running through all binaries in my archive, disassembling them all and checking the footprint. True, all of this would take some initial groundwork, tool development and lots of storage space. In the end, it's all a matter of whether it's worth it, but knowing Dave's knack for critical vulnerabilities I could imagine so ;) The immediate payoff for a malicious person would probably be bigger just by automating the process of reverse engineering binary patches from Microsoft. Regards Thor Larholm Senior Security Researcher PivX Solutions 24 Corporate Plaza #180 Newport Beach, CA 92660 http://www.pivx.com thor () pivx com Stock symbol: (OTCBB:DRIL) Phone: +1 (949) 231-8496 PGP: 0x5A276569 6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569 PivX defines a new genre in Desktop Security: Proactive Threat Mitigation. <http://www.pivx.com/qwikfix> -----Original Message----- From: Dave Aitel [mailto:dave () immunitysec com] Sent: Wednesday, April 21, 2004 8:05 PM To: dailydave () lists immunitysec com Subject: [Dailydave] Bugfun! -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 New Immunity Mailing List: http://lists.immunitysec.com/mailman/listinfo/bugfun Bugfun is for people who think bugs are fun. You can post code or disassemblies to it. If you don't find reading C or assembly code and looking for the bug fun, even if you know you won't get the answer, then this is not the list for you. Also, this is not a list for bugs that aren't in real software. If you want to post a bug without revealing the source, that's cool, but don't write a program that has a bug as a sort of "challenge" and expect it to make it through moderation. This isn't the "MS Prefix" QA list, even if it may sometimes look like it. Thanks, and happy bug fun day! Dave Aitel Immunity, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAhzZszOrqAtg8JS8RAgn+AKC7rjujmu7fvmMwm9z3xdsgRzJhKACgyy9/ Oenp09iqCpfOlT1tCY+pFjI= =cto8 -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Bugfun! Dave Aitel (Apr 21)
- <Possible follow-ups>
- RE: Bugfun! Thor Larholm (Apr 22)