Dailydave mailing list archives

Re: Bridget Jones's Information Security Periodical


From: "Matt Hargett" <matt () use net>
Date: Thu, 12 Feb 2004 23:17:42 -0800


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

(this was sitting in my drafts folder, forgot to send it. better late than
never.)

However, although a default SPIKE run can often find nice bugs in
Microsoft or Sun products, it sometimes fails against other vendors. So
lately I've taken to opening up executables in Ollydbg, and using some
of the nice features it has to analyze programs while I fuzz them.

I came up with some techniques at a previous company somewhat like this
that I think Greg (Hoglund) used in one of his talks a few years ago.
While fuzzing/fault injecting a target, it's good to run it under Purify
or valgrind (depending on what is available on the target). From a pure
QA perspective, it can help find OB1 issues that might not be exploitable
but cause subtle memory corruption that causes a crash days/weeks/months
later. I wrote a little paper on it while at that company, but it never
got published or used in any way.

Code coverage is another thing commonly overlooked. Before fuzzing/FI, the
protocol you've implemented should get decent code coverage, otherwise
there's a wealth of things that can be missed. Protocols that implement a
state machine (like IKE) can get into interesting states (read: fail open)
when you do some things out of order without fuzz/FI and then do some
bitwalking.


Dave's List of Women in the Information Security Industry

You forgot at least one: Katie Moussouris. She is awesome and co-wrote an
article on ARM shellcode a few years back. I think she is active on some
pen testing lists still. I don't see her or her boyfriend nearly enough,
which is silly since they live so close to me. There's also Ada, Window,
and others. All the cute ones seem to be from or have lived in Boston.
Weird.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQCx6EzM37G8Cnu+zEQIuDACeMZxE6V3ZUHdVGgyJDSNjhsju0JEAniNk
QzeWvbHGnHeIDEsJoRPcp5UF
=X/0t
-----END PGP SIGNATURE-----
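
An added example, not part of the original post and not its author's code, illustrating the point about coverage and out-of-order messages in a protocol state machine. The responder, its states and its message names are constructed and hypothetical (this is not IKE); the harness sends every message ordering up to a given length, records which (state, message) pairs were exercised, and flags orderings where DATA is accepted without a successful AUTH.

```python
from itertools import product

MSGS = ("HELLO", "AUTH", "REKEY", "DATA")  # hypothetical message types

class ToyResponder:
    """Constructed handshake responder with a deliberate fail-open bug."""
    def __init__(self):
        self.state = "INIT"
        self.authed = False   # ground truth: has a valid AUTH been processed?
        self.seen = set()     # (state, message) pairs exercised so far

    def handle(self, msg):
        """Process one message; return True if it was accepted."""
        self.seen.add((self.state, msg))
        if msg == "HELLO" and self.state == "INIT":
            self.state = "NEGOTIATED"
        elif msg == "AUTH" and self.state == "NEGOTIATED":
            self.state, self.authed = "ESTABLISHED", True
        elif msg == "REKEY" and self.state != "INIT":
            # Deliberate bug: should require ESTABLISHED, so a REKEY sent
            # in NEGOTIATED skips AUTH entirely.
            self.state = "ESTABLISHED"
        elif msg == "DATA" and self.state == "ESTABLISHED":
            pass              # payload would be processed here
        else:
            return False      # rejected; state unchanged
        return True

def run(seq):
    """Replay one sequence; return (fail_open, covered (state, msg) pairs)."""
    r, fail_open = ToyResponder(), False
    for m in seq:
        if r.handle(m) and m == "DATA" and not r.authed:
            fail_open = True  # data accepted with no authentication
    return fail_open, r.seen

def sweep(max_len=3):
    """Try every ordering up to max_len; collect findings and coverage."""
    findings, covered = [], set()
    for n in range(1, max_len + 1):
        for seq in product(MSGS, repeat=n):
            bad, seen = run(seq)
            covered |= seen
            if bad:
                findings.append(seq)
    return findings, covered

if __name__ == "__main__":
    print("in-order test covers", len(run(("HELLO", "AUTH", "DATA"))[1]), "pairs")
    findings, covered = sweep()
    print("sweep covers", len(covered), "pairs; fail-open orderings:", findings)
```

The in-order handshake exercises only a quarter of the (state, message) pairs and never reaches the buggy branch, which is why the ordering sweep finds what the conformant test cannot.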
