Re: Re New Binary Bruteforcing Method Discovered

From: mail; (rivetgeek@rivetgeek.com)
Date: 03/28/02


From: "mail;" <rivetgeek@rivetgeek.com>
To: <vuln-dev@securityfocus.com>
Date: Wed, 27 Mar 2002 18:39:59 -0800

In regards to the original post, go to http://www.phrack.com and scroll
down............

----- Original Message -----
From: "John" <johns@tampabay.rr.com>
To: "Jeff Schaller" <schaller@freeshell.org>
Cc: "Michal Zalewski" <lcamtuf@coredump.cx>; <mixter@2xs.co.il>;
<vuln-dev@securityfocus.com>
Sent: Wednesday, March 27, 2002 5:42 PM
Subject: Re: Re New Binary Bruteforcing Method Discovered

> I think it's worth mentioning that the tool I linked to was not mentioned
or
> tested in this paper. I mentioned this tool because it has quite a few
> command line options and it actually tries to execute arbitrary commands.
>
> ----- Original Message -----
> From: "Jeff Schaller" <schaller@freeshell.org>
> To: "John" <johns@tampabay.rr.com>
> Cc: "Michal Zalewski" <lcamtuf@coredump.cx>; <mixter@2xs.co.il>;
> <vuln-dev@securityfocus.com>
> Sent: March 27, 2002 8:21 PM
> Subject: Re: Re New Binary Bruteforcing Method Discovered
>
>
> > On Wed, 27 Mar 2002, John wrote:
> >
> > > A while back there was a tool that was released that would brute force
> > > binaries and attempt to exploit the bug. It attempted to exploit
simple
> > > stack overflows, but it was a nice tool at the time.
> > >
> > > http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0710.html
> >
> > <two cents>
> > I wrote a paper for SANS last summer which surveyed the available
> > auditing tools (source code scanners, black box testers, and known
> > exploits). Against the simple target program I chose (Hobbit's
> > "webs"), the black-box testers failed miserably, for reasons that
> > I go into in the paper (basically, that they aren't
> > protocol-aware). Brute-force black-box scanners catch the
> > low-hanging fruit, bug-wise.
> >
> > Direct URL (the report is the HTML file inside the ZIP file):
> > http://www.giac.org/practical/Jeff_Schaller_GSNA.zip
> >
> > Other reports available from:
> > http://www.giac.org/GSNA.php
> > </two cents>
> >
> > -jeff
> > --
> > Last week, scientists announced the first-ever cloning of a human
embryo,
> > which they hope to mine for stem cells to treat diseases. What do you
> think?
> > "I think I'll just sit back and let the ignorant, hysterical Christians
> > handle this one." Peter Jordan, Systems Analyst. The Onion.
> >
>