Vulnerability Development mailing list archives

Re: Re New Binary Bruteforcing Method Discovered


From: Michal Zalewski <lcamtuf () bos bindview com>
Date: Wed, 27 Mar 2002 17:06:08 -0500 (EST)

On Wed, 27 Mar 2002, Blue Boar wrote:

>> Hello? I think you do not really understand what I was trying to say - try
>> 'Turing "halting problem"' in google.com.
>
> What he is trying to get at is that you can define a fixed amount of
> time as a maximum, and simply kill the process at that point, if you
> don't have an answer yet.

My (ironical) question about finding the answer to the halting problem in
finite time was a response to this one single particular claim about
finding all exploitable vulnerabilities in any local privileged program.
Of course, it is possible to perform simplified run-time or source code
analysis when you make certain risky and very simplified assertions, and
many applications, including this one, will help you do that. This does
not change the fact that the initial claim is completely bogus, especially
in the case of such a simple run-time tool.

But I am not sure Mixter meant what you said. Let me quote: "Then again,
of course you can write a little program to enumerate processes in the
group of the shell process running the library interception tests, then
check their activity time and send them appropriate signals to continue
when they stall..." - which sounds more like he's referring to some
strange situation in which the program stops executing and has to be
resumed (perhaps by sending SIGCONT?).

-- 
_____________________________________________________
Michal Zalewski [lcamtuf () bos bindview com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/


