Penetration Testing mailing list archives
Re: Good advice: Learn Assembly
From: "Micheal Cottingham" <techie.micheal () gmail com>
Date: Sat, 16 Aug 2008 18:53:31 -0400
Definitely. As software makers up the ante, I think it is more important than ever to learn assembly. And if you do fuzz something, you'll still have to go through and work out what/why/how to understand the behavior and to write exploits/PoC. Metasploit and other packages may make things "easy," but someone still had to go through and understand the vulnerability to write the exploit for it. That's my half a cent anyway. Micheal On Sat, Aug 16, 2008 at 2:18 PM, Jim Kelly <macubergeek () comcast net> wrote:
I have a personal goal of learning how to find vulnerabilities with fuzzers and code POCs (preferably in Python). Now I've gotten the traditional advice of "learn assembly" from a couple of folks. I wonder if that is necessary these days. I always thought one needed to learn assembly to code shell code. With the capabilities of Metasploit, I wonder if this is still true? Do you need to know assembly coding to decipher the output of disassemblers like IDA Pro or debuggers like Olly? Setting aside the logistical problems of finding a local college that still teaches assembly....am I overlooking something here? All comments welcome. Jim ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes inSecuring Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Good advice: Learn Assembly Jim Kelly (Aug 16)
- Re: Good advice: Learn Assembly Jan Muenther (Aug 16)
- Re: Good advice: Learn Assembly Joel Jose (Aug 16)
- Re: Good advice: Learn Assembly Micheal Cottingham (Aug 16)
- Re: Good advice: Learn Assembly Omar Herrera (Aug 16)
- Re: Good advice: Learn Assembly Colin Copley (Aug 17)
- Re: Good advice: Learn Assembly Sanjay R (Aug 17)
- RE: Good advice: Learn Assembly John Vill (Aug 19)