Re[2]: New Binary Bruteforcing Method Discovered

From: dullien@gmx.de
Date: 03/29/02


Date: Fri, 29 Mar 2002 08:43:26 -0800
From: dullien@gmx.de
To: mixter@2xs.co.il

Hey all,

m2ci> Turns out this is just one part of the fuzz concept (and ours). Oh and sorry,
m2ci> sorry, I was far from claiming it as "my technique". :) I can't remember and
m2ci> know about everything new someone thinks of. In any case, I was just sharing
m2ci> some personal work experience in using shared libraries for binary testing.

Just one note on how ooooold (yawn) dynamic-link redirection/hooks
are: In August 1998 it was a known & published technique....

http://www.users.one.se/~stone/window.htm

(search for everything in relation to API-Hooks)

IIRC, Win32.Cabanas was one of the first Win32-Virii which
utilized the same technique to go per-process resident -- and that virus
was found in-the-wild in 1997 ...

Personally, I think security experts should be forced to read up on
virus history... they've been through a lot of *** that gets
're-invented' and 'sold' to the media these days...

Cheers,
dullien@gmx.de

