Dailydave mailing list archives
Remote language detection
From: Dave Aitel <dave () immunityinc com>
Date: Wed, 06 Dec 2006 11:24:25 -0500
In the podcast this week on eweek.com[2] I talk a tiny bit about the changes going through penetration testing. I think there ARE major changes. A penetration tester used to be the guy able to download things from packetstorm.com and compile them and run them against your servers. It was a database of knowledge of what worked and how to use it that was in your head that was valuable. But the Googlization of the world has rendered all sorts of head-databases less valuable.

When Immunity hires a penetration tester now, we hire someone who can download that third-party ISAPI filter, install it in a VM, find a vulnerability in it, and then write the overflow to bypass your unknown HIDS in two days or less. There's been a commoditization of known vulnerabilities. I don't think it will be that long from now before a penetration testing service that does not offer 0day testing will be completely devalued. Essentially this is where penetration testing is already, since most of what you do in a test is web-based, which is essentially 0day testing. It's possible to get a remote shell against web applications too, it's just not as easy as owning with bind-nxt and seeing a #. CANVAS has a javaNode because during a penetration test we needed to abstract away the idea that we could execute arbitrary Java on a WebLogic server.

One of the other things we've been doing lately is remote language detection. Today we've released a small whitepaper about some of our research, which is available here[1]. Ask your questions about it here, if you want, and I'll release a version 2.0 that answers them.
-dave

[1] http://www.immunityinc.com/resources-papers.shtml
[2] http://www.eweek.com/article2/0,1895,2067349,00.asp : "Defense by Offensive Hacking", December 4, 2006. In this OnSecurity podcast, Immunity vulnerability researcher Dave Aitel talks with eWEEK's Ryan Naraine about simulated hacking attacks, new penetration testing tools and techniques, the resiliency of Vista, and his unique take on the vulnerability disclosure debate.
Current thread:
- Remote language detection Dave Aitel (Dec 06)
- <Possible follow-ups>
- Re: Remote language detection Steven M. Christey (Dec 07)