Dailydave mailing list archives

RE: Bugfun!


From: "Thor Larholm" <thor () pivx com>
Date: Thu, 22 Apr 2004 16:12:43 -0700

The more lists the merrier :)

Posting code or disassemblies without revealing the source seems like an
exercise in obfuscation. If the list got renowned for having analyzed
critical vulnerabilities in key components of network or kernel code I
can easily imagine myself and others making tools to take that partial
code or disassembly and search for its footprint in a library of source
code, binaries and running processes. 

Is it a source code snippet? I'll grep my source library.

Is it a disassembly? I'll check running processes on my network before
running through all binaries in my archive, disassembling them all and
checking the footprint.

True, all of this would take some initial groundwork, tool development
and lots of storage space. In the end, it's all a matter of whether it's
worth it, but knowing Dave's knack for critical vulnerabilities I could
imagine so ;)

The immediate payoff for a malicious person would probably be bigger
just by automating the process of reverse engineering binary patches
from Microsoft.



Regards

Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
http://www.pivx.com
thor () pivx com
Stock symbol: (OTCBB:DRIL)
Phone: +1 (949) 231-8496
PGP: 0x5A276569
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569

PivX defines a new genre in Desktop Security: Proactive Threat
Mitigation. 
<http://www.pivx.com/qwikfix>

-----Original Message-----
From: Dave Aitel [mailto:dave () immunitysec com] 
Sent: Wednesday, April 21, 2004 8:05 PM
To: dailydave () lists immunitysec com
Subject: [Dailydave] Bugfun!


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

New Immunity Mailing List:
http://lists.immunitysec.com/mailman/listinfo/bugfun

Bugfun is for people who think bugs are fun. You can post code or
disassemblies to it. If you don't find reading C or assembly code and
looking for the bug fun, even if you know you won't get the answer, then
this is not the list for you. Also, this is not a list for bugs that
aren't in real software. If you want to post a bug without revealing the
source, that's cool, but don't write a program that has a bug as a sort
of "challenge" and expect it to make it through moderation. This isn't
the "MS Prefix" QA list, even if it may sometimes look like it.

Thanks, and happy bug fun day!
Dave Aitel
Immunity, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAhzZszOrqAtg8JS8RAgn+AKC7rjujmu7fvmMwm9z3xdsgRzJhKACgyy9/
Oenp09iqCpfOlT1tCY+pFjI=
=cto8
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave