Hosting Provided By

Analyze binary for holes

From: Peter Bondra <olafandjasper(at)hushmail.com>
Date: Tue Jul 29 2003 - 12:20:07 EDT

('binary' encoding is not supported, stored as-is)

Hello
I am interested in how you may go about analyzing a binary file to determine potential format string or buffer overflow holes.

The platforms I am testing are: SunOs Solaris 2.7/8/9(SPARC) and Windows NT/2000/XP.

This is my process, maybe you could direct and fill in the massive blanks:

UNIX:
In the unix world my first step is to list out the SUID-root files. My next step is to identify which files have potential vulnerabilities. On the Unix side I have used strings, but what does that tell me about. I have seen a few mallocs, callocs, and things that look like a format string for a printf... But not sure what to do next...SO I was thinking of brute forcing the binary command line args and/or environmental vars to see if I can dump core..

Can you identify potential format string vulnerabilities from binary? Can you identify potential buffer overflow vulns. from binary?

WINDOWS:
I have no idea how to recognize a vulnerable program in the Windows word.Is there anything like SUID-roor, etc??

Thanks Received on Wed Jul 30 15:27:02 2003

This message: [ Message body ]
Next message: Diode Trnasistor: "Re: perl/php connect-back backdoor?"
Previous message: . npguy: "Re: Some help With BOF Exploits Writing."
Next in thread: Karma: "Re: Analyze binary for holes"
Reply: Karma: "Re: Analyze binary for holes"
Reply: DownBload: "Re: Analyze binary for holes"
Reply: xenophi1e: "Re: Analyze binary for holes"
Reply: Gerardo Richarte: "Re: Analyze binary for holes"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:40 EDT

Do you need help?