Re: ActiveX object analysis tools?
From: Tri Huynh (trihuynh_at_zeeup.com)
Date: 10/31/03
- Previous message: No Man: "Cisco LEAP"
- In reply to: Greg Owen: "ActiveX object analysis tools?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Greg Owen" <gowen-pentest@swynwyr.com>, <pen-test@securityfocus.com> Date: Fri, 31 Oct 2003 01:56:22 -0800
Hi,
There are couple tools that can help you to analyze ActiveX security. One is
COMBust
(http://www.atstake.com/research/tools/vulnerability_scanning/) that can
automatically fuzz
the IDispatch interface of an ActiveX control. But this tool is kind of lame
to me; however,
if you are interested in it, there is a presentation about it somewhere on
BlackHat site. Another good
tool is DrCom
(http://www.atstake.com/research/tools/vulnerability_scanning/) which
is not free though. It allows you to see the behavior of the ActiveX objects
and also let
you invoke the functions manually. Hope that help.
Trihuynh
Sentryunion
----- Original Message -----
From: "Greg Owen" <gowen-pentest@swynwyr.com>
To: <pen-test@securityfocus.com>
Sent: Thursday, October 30, 2003 12:24 PM
Subject: ActiveX object analysis tools?
>
> Any recommendations for tools that would be helpful analyzing an ActiveX
> object?
>
> I assume that some of the standard MSDE tools would help enumerate
> interfaces. Any other tools? Frameworks for input fuzzing? Guidelines
> or methodologies?
>
> Any help is appreciated.
>
> --
> gowen -- Greg Owen -- gowen-pentest@swynwyr.com
> 79A7 4063 96B6 9974 86CA 3BEF 521C 860F 5A93 D66D
>
>
> --------------------------------------------------------------------------
-
> Network with over 10,000 of the brightest minds in information security
> at the largest, most highly-anticipated industry event of the year.
> Don't miss RSA Conference 2004! Choose from over 200 class sessions and
> see demos from more than 250 industry vendors. If your job touches
> security, you need to be here. Learn more or register at
> http://www.securityfocus.com/sponsor/RSA_pen-test_031023
> and use priority code SF4.
> --------------------------------------------------------------------------
-- > > > --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_pen-test_031023 and use priority code SF4. ----------------------------------------------------------------------------
- Previous message: No Man: "Cisco LEAP"
- In reply to: Greg Owen: "ActiveX object analysis tools?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
