Dailydave mailing list archives
Re: Immunity Certified Network Offense Professional
From: "Thomas Ptacek" <tqbf () matasano com>
Date: Sat, 12 Jul 2008 20:47:15 -0500
> Then they'd fail. There's no excuse for not being able to write a simple Windows stack overflow in this day and age. I don't see this part as a problem. Even web attackers need to know how to do that.
Web attackers do not need to know how to write stack overflows, Dave. If you can code, you don't even need to know how to write stack overflows to pen-test shrink wrap software.

Two observations, which I can make because our team can obviously throw down the archaic exploit writing skills:

- In the commercial market, the ability to find vulnerabilities commands a far higher price than the ability to write exploits. This isn't opinion; it's simply empirical. People who actually write exploits all day tend to work for vendors. A majority of consultants can't.

- Most of the game-over vulnerabilities we find aren't code injection anymore. You're proposing a metric that could fail someone who can do DH parameter tampering, because they don't know the X86 Windows system call gate.
> It is hard, of course, to isolate a hands-on test from the tools you have to use to do that test. VisualSploit and Immunity Debugger are really easy to use, but if you are only capable of using WinDBG then you might fail as well. In that case, you'd need to learn how to pick up new tools faster. We'll have an instruction book available at the table. :>
>
> -dave
--
---
Thomas H. Ptacek // matasano security
read us on the web: http://www.matasano.com/log
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave