Re: Analyze binary for holes

From: Gerardo Richarte (gera_at_corest.com)
Date: 08/12/03

    Date: Mon, 11 Aug 2003 19:09:40 -0300
    To: Peter Bondra <olafandjasper@hushmail.com>
    
    

    Peter Bondra wrote:
    >
    > Hello
    > I am interested in how you may go about analyzing a binary file to
    > determine potential format string or buffer overflow holes.
    >
    > The platforms I am testing are: SunOS Solaris 2.7/8/9 (SPARC) and Windows
    > NT/2000/XP.

            You may want to take a look at http://sourceforge.net/projects/bugscam.
    I never tried it, but I know its main developer, Mr. Halvar Flake. He's very
    well known and respected when it comes to reverse engineering. Anyway, remember,
    always remember, that any tool is only good in the hands of somebody who can
    use it... I mean, no tool will find all the bugs, tools will only, hopefully,
    make an auditor's life easier... unless you are only interested in finding some
    bugs, and not all.

            Oh, uhm... you will need IDA Pro (http://www.datarescue.com), but if
    you are going to analyze binary files you'll need it anyway.

            gera

    PS: from

    BugScam Readme

    This is the preliminary readme file for BugScam.
    BugScam is a collection of scripts for the commercial debugger IDA Pro
    (http://www.datarescue.com) that will scan a given binary for problematic
    uses of certain library functions (e.g. strcpy etc) and generate a nice
    output file (HTML so far, LaTeX soon). Its release was inspired by the
    fact that I had libaudit.idc (the "core" engine) lying on my hard disk
    since early 2001, and never thought someone would bother with something
    this simple -- but now in 2003 one can find commercial products
    with almost identical functionality on the Web, and as such I decided to
    release this as OpenSource.
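
The README above describes scanning a binary for problematic uses of library functions such as strcpy. The following is an added example, not BugScam's code or its algorithm: a generic audit heuristic that flags call sites whose format string or copy source is not a constant. It assumes a 32-bit x86 cdecl listing in objdump style where arguments are passed with `push`; the listing, addresses and function names are constructed.

```python
import re

# Constructed 32-bit x86 listing (cdecl, Intel syntax), not from a real binary.
SAMPLE = """\
08048400 <log_msg>:
 8048400: push   ebp
 8048403: push   DWORD PTR [ebp+0x8]
 8048406: call   8048300 <printf@plt>
08048410 <banner>:
 8048410: push   ebp
 8048413: push   0x8048620
 8048418: call   8048300 <printf@plt>
08048420 <set_name>:
 8048426: push   DWORD PTR [ebp+0x8]
 8048429: lea    eax,[ebp-0x48]
 804842c: push   eax
 804842d: call   8048310 <strcpy@plt>
"""

# Watched import -> index of the argument that should be a constant:
# the format string, or the source of an unbounded copy.
WATCHED = {"printf": 0, "fprintf": 1, "sprintf": 1, "syslog": 1, "strcpy": 1}
FUNC_RE = re.compile(r"^[0-9a-f]+ <(\w+)>:$")
INSN_RE = re.compile(r"^([0-9a-f]+):\s+(\w+)\s*(.*)$")
CALL_RE = re.compile(r"<(\w+)(?:@plt)?>")

def audit(listing):
    """Return (function, address, callee, argument) per suspicious call site."""
    findings, func, pushes = [], None, []
    for line in map(str.strip, listing.splitlines()):
        if m := FUNC_RE.match(line):
            func, pushes = m.group(1), []
        elif m := INSN_RE.match(line):
            addr, mnem, ops = m.groups()
            if mnem == "push":
                pushes.append(ops)
            elif mnem == "call":
                callee = CALL_RE.search(ops)
                idx = WATCHED.get(callee.group(1)) if callee else None
                if idx is not None:
                    # cdecl: last push before the call is argument 0; "?" = setup not seen
                    arg = pushes[-(idx + 1)] if len(pushes) > idx else "?"
                    if not re.fullmatch(r"0x[0-9a-f]+", arg):
                        findings.append((func, addr, callee.group(1), arg))
                pushes = []  # arguments belong to one call only
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Each finding is only a lead for manual review: a non-constant argument may still be safe, and code that sets up arguments with `mov` instead of `push` is reported with `?` rather than silently skipped.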
