Dailydave mailing list archives
Re: Immunity Debugger on eWeek
From: Dave Aitel <dave () immunityinc com>
Date: Wed, 08 Aug 2007 10:25:51 -0400
If I had a quarter for every time someone said to me they were going to reverse a binary into an intermediate language and do slicing on it to find all the bugs, I'd ... well, I'd be able to buy some ice cream at least.

But regardless, the automatic analysis the article was talking about refers to the script I was demoing at our booth at defcon (linked off the Immunity Debugger web page):

http://www.immunityinc.com/images/immdbg-stackvars.png

It's a lot simpler than most analysis scripts, since Bas whipped it up in a couple days to demonstrate and test the Python API. But it does work for the trivial case here, which makes it cool in my book. Just having all the functions marked up nicely to point out sizes is useful.

-dave

Isaac Dawson wrote:
> I'd say chalk that one up to FUD. I love the "near automatic" commentary, also it's pretty easy to tell this journalist doesn't really know what they are saying. The fact that she did not even read that the tool is called "Immunity Debugger" not Debugger says quite enough for the rest of the content of the article. Also I bet some people at McAfee aren't too pleased with the manager's response. Why is it journalists always talk to the managers and not the technical people? Just easier to get a hold of and get their 2 cents worth? Doesn't he know that Foundstone creates tools to "find bugs easier", and in fact has many training materials to help people learn how to find web vulnerabilities?
>
> Marcus said he doesn't think that "the bug exists already" argument is a good one. "Yes, we know that," he said. "We know the bugs are in the code. But making more and more tools" to make it easier to find those bugs, that, he said, is not going to make his customers happy. "They'll all do this," he said, rolling his eyes to the ceiling. "'Great!'"
>
> <<< Gold Jerry, Gold.
>
> -isaac
>
> On 8/6/07, Hybridus <hybridus () gmail com> wrote:
> > http://www.eweek.com/article2/0,1895,2166829,00.asp
> >
> > <>What it means is more zero days, Marcus said. "And that's certainly not a good thing. (Why?) I think you'll see a spike in zero days, and contributions to the zero-day initiative, because it makes it easier to find vulnerabilities.</>
> >
> > Vulnerability is already out there, people/tools don't create them. I don't understand what's the matter with zero days..
> >
> > _______________________________________________
> > Dailydave mailing list
> > Dailydave () lists immunitysec com
> > http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Immunity Debugger on eWeek Hybridus (Aug 06)
- Re: Immunity Debugger on eWeek Isaac Dawson (Aug 07)
- Re: Immunity Debugger on eWeek Dave Aitel (Aug 08)
- Re: Immunity Debugger on eWeek Bee Binger (Aug 07)
- Re: Immunity Debugger on eWeek Isaac Dawson (Aug 07)