Dailydave mailing list archives
Re: Immunity Certified Network Offense Professional
From: Pusscat <pusscat () metasploit com>
Date: Sun, 13 Jul 2008 14:07:24 -0400
The problem I see with this is that people that can't write a simple exploit also cannot do other very important tasks such as:

- Decide if a crash is exploitable at all
- Make a judgement about the reliability of any exploits written
- Debug the crash to see what input caused the crash in a reasonable time limit
- Discuss possible fixes intelligently
- Apply knowledge of the crash to other areas of the program to ensure that the bug isn't repeated and that the fix is in fact complete

Exploitation of a simple vuln requires only simple knowledge of how x86 systems and the Windows OS work, and some experience making effective use of your tools work in a timely fashion. In my opinion Dave's cert is just an effective test of basic knowledge and skills in one tiny package.

- Lurene

On Sat, Jul 12, 2008 at 9:47 PM, Thomas Ptacek <tqbf () matasano com> wrote:

> > Then they'd fail. There's no excuse for not being able to write a simple Windows stack overflow in this day and age. I don't see this part as a problem. Even web attackers need to know how to do that.
>
> Web attackers do not need to know how to write stack overflows, Dave. If you can code, you don't even need to know how to write stack overflows to pen-test shrink wrap software.
>
> Two observations, which I can make because our team can obviously throw down the archaic exploit writing skills:
>
> - In the commercial market, the ability to find vulnerabilities commands a far higher price than the ability to write exploits. This isn't opinion; it's simply empirical. People who actually write exploits all day tend to work for vendors. A majority of consultants can't.
>
> - Most of the game-over vulnerabilities we find aren't code injection anymore. You're proposing a metric that could fail someone who can do DH parameter tampering, because they don't know the X86 Windows system call gate.
>
> > It is hard, of course, to isolate a hands on test from the tools you have to use to do that test. VisualSploit and Immunity Debugger are really easy to use, but if you are only capable of using WinDBG then you might fail as well. In that case, you'd need to learn how to pick up new tools faster. We'll have an instruction book available at the table. :>
> >
> > - -dave
>
> --
> ---
> Thomas H. Ptacek // matasano security
> read us on the web: http://www.matasano.com/log

_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave