Dailydave mailing list archives

Re: Press seems to be Chinese Whispers ...


From: Dave Aitel <dave () immunitysec com>
Date: Fri, 27 Feb 2004 08:01:05 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ah. I get it. What he meant was "Only once have Microsoft's actual
computers been hit by 0day, to his knowledge." Not "only once has
Windows been hit with 0day", which is crazy even for a propaganda piece.

What would we need to actually write the tool? An automatic differ -
some kind of intelligent fuzzer to see if we can reach the difference
in question and generate a stack overflow, and the basic stack
overflow exploitation automation algo written as an ollydbg plugin.

For the most (most!) basic case, we're not too far away. :>

- -dave



Halvar Flake wrote:

| Hey all:
|
| "One such tool available now automatically reverse-engineers
| patches, creates an exploit and launches attacks, he said, allowing
| any non-tech savvy user to become a potential cyber criminal."
| (http://infoworld.com/article/04/02/24/HNunderattack_1.html)
|
| Wow. All I can say is wow. If that tool truly exists, I will shave
| my head and move to a mountain to meditate about my inability.
|
| As if the idea of automated exploit crafting wasn't ridiculous
| enough, the idea of automated patch-reversing + automated
| vulnerability-analysis + automated exploit crafting is so crazy
| that no SF author would've come up with this.
|
| Cheers, Halvar
|
|

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAPz+RzOrqAtg8JS8RAlonAJ920kcPJK1XUjxlL9J6Sd3tKVYCngCg9ohJ
6Z2FTSx/F0kFTNb89O4TlA4=
=IM17
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

