Hosting Provided By

Re: Analyze binary for holes

From: DownBload <downbload(at)hotmail.com>
Date: Thu Jul 31 2003 - 18:19:18 EDT

('binary' encoding is not supported, stored as-is)
In-Reply-To: <20030729162007.7689.qmail@www.securityfocus.com>

You can use strings for easy finding potential vulnerable functions.

# strings /bin/ls | grep strcpy
# strings /bin/sh | grep sprintf
# strings /bin/tralalal | grep syslog 
# strings /bin/format   | grep fprintf

If potential vulnerable function is found, you only know that function is used, but you don't know if that function is used in wrong way. Try to disassemble with gdb and look for flaws or brute force args and env.

Regards,
DownBload / Illegal Instruction Labs

>
>Hello
Received on Thu Jul 31 18:37:10 2003

This message: [ Message body ]
Next message: Shaun Clowes: "Re: Analyze binary for holes"
Previous message: DownBload: "Re: Some help With BOF Exploits Writing. - EAX ?!"
In reply to: Peter Bondra: "Analyze binary for holes"
In reply to Karma: "Re: Analyze binary for holes"
Next in thread: Shaun Clowes: "Re: Analyze binary for holes"
Reply: Shaun Clowes: "Re: Analyze binary for holes"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:40 EDT