Penetration Testing mailing list archives

Re: ActiveX object analysis tools?


From: "Tri Huynh" <trihuynh () zeeup com>
Date: Fri, 31 Oct 2003 01:56:22 -0800

Hi,

There are a couple of tools that can help you to analyze ActiveX
security. One is COMBust
(http://www.atstake.com/research/tools/vulnerability_scanning/) that can
automatically fuzz the IDispatch interface of an ActiveX control. But
this tool is kind of lame to me; however, if you are interested in it,
there is a presentation about it somewhere on the BlackHat site. Another
good tool is DrCom
(http://www.atstake.com/research/tools/vulnerability_scanning/) which is
not free though. It allows you to see the behavior of the ActiveX
objects and also lets you invoke the functions manually. Hope that
helps.

Trihuynh
Sentryunion


----- Original Message ----- 
From: "Greg Owen" <gowen-pentest () swynwyr com>
To: <pen-test () securityfocus com>
Sent: Thursday, October 30, 2003 12:24 PM
Subject: ActiveX object analysis tools?



Any recommendations for tools that would be helpful analyzing an ActiveX
object?

I assume that some of the standard MSDE tools would help enumerate
interfaces.  Any other tools?  Frameworks for input fuzzing?  Guidelines
or methodologies?

Any help is appreciated.

-- 
gowen -- Greg Owen -- gowen-pentest () swynwyr com
79A7 4063 96B6 9974 86CA  3BEF 521C 860F 5A93 D66D








