Vulnerability Development mailing list archives

Re: Techniques for Vulnerability discovery


From: GomoR <GomoR () gomor org>
Date: Tue, 9 Apr 2002 16:03:28 +0200

On Fri, 5 Apr 2002 09:04:33 +0800
"kaipower" <kaipower () subdimension com> wrote:

Hi,

After reading the mailing list for quite a while, there is a burning
question which I kept asking myself:

How do experts discover vulnerabilities in a system/software?

Some categories of vulnerabilities that I am aware of:
1) Buffer overflow (Stack or Heap)
2) Mal access control and Trust management
3) Cross site scripting
4) Unexpected input - e.g. SQL injection?
5) Race conditions
6) password authentication

Do people just run scripts to brute force to find vulnerabilities? (as in
the case of Buffer overflows)
Or do they reverse engineer the software?

How relevant is reverse engineering in this context?

Anybody out there care to give a methodology/strategy in finding
vulnerabilities?

Mike



There is just a new article published that covers this point.
I've read it, and I think it could help you a little.

  http://www.computer.org/computer/sp/articles/arc/index.htm


______________________________________________________________________
       __  __
      /  ||   \     FreeBSD Network - http://www.GomoR.org/
     | __ |___/     Security Engineer Junior
     |   ||  \
      \__||   \     >root is the only God I believe in<

