Vulnerability Development mailing list archives

RE: VisualBasic auditing

From: "Kayne Ian (Softlab)" <Ian.Kayne () softlab co uk>
Date: Wed, 19 Feb 2003 09:27:37 -0000

I believe that up until version 4, VB apps were interpreted at runtime via
what was basically a JIT compiler. I've got an app around here somewhere
that will "dissassemble" an exe built in VB back to it's source and forms.
After v4, I believe (don't quote me) that VB actually compiles the code in
the traditional sense. If you load VB (I've only checked VB6), create an
app, go File - Make YourApp.exe, then click the Options button in the "Save"
dialog, you can change the compiler options on the "Compile" tab.

If you're after an exploit for VB, I'd guess a good place to start is any
time it interfaces with win32api. IIRC, VB does some odd stuff with handles
and gdi objects...

IIRC.

Ian Kayne
Technical Specialist - IT Solutions
Softlab Ltd - A BMW Company

-----Original Message-----
From: Some d00d [mailto:shavidi () yahoo com]
Sent: 16 February 2003 19:13
To: vuln-dev () securityfocus com
Subject: VisualBasic auditing

Hi folks

I am auditing some network application and a 

significant number of them are written in MS Visual 

Basic. Have anyone done some work on exploiting VB 

software before? I assume that traditional methods such 

as buffer overflows will not work here.

Are there any tools around for this (such as VB 

disassemblers and de-scramblers)?

Can you point me to any sources of information?

Thanks in advance, SD





 


******************************************************************** 
This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom 
they are addressed. 

If you are not the intended recipient or the person responsible for 
delivering to the intended recipient, be advised that you have received 
this email in error and that any use of the information contained within 
this email or attachments is strictly prohibited. 

Internet communications are not secure and Softlab does not accept 
any legal responsibility for the content of this message. Any opinions 
expressed in the email are those of the individual and not necessarily 
those of the Company. 

If you have received this email in error, or if you are concerned with 
the content of this email please notify the IT helpdesk by telephone 
on +44 (0)121 788 5480. 

********************************************************************

Current thread:

VisualBasic auditing Some d00d (Feb 18)
- RE: VisualBasic auditing Rob Shein (Feb 18)
- Re: VisualBasic auditing Cesar (Feb 18)
  - Re: VisualBasic auditing2 gr00vy (Feb 20)
- Re: VisualBasic auditing Voguemaster (Feb 20)
- Re: VisualBasic auditing Arjun Pednekar (Feb 20)
- <Possible follow-ups>
- RE: VisualBasic auditing Kayne Ian (Softlab) (Feb 20)