NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Immunitysec Daily Dave> 2007-q3

Re: [Dailydave] An os x worm, oh noes!

From: Bee Binger (bbinger123yahoo.com)
Date: Mon Jul 16 2007 - 18:22:01 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Interesting on the assembler writing. I was curious on a few points about it

Which syntax is it going to support?
Is it going to have many high level helpers like masm or be more bare bones?
Probably most important ... which types of object files will it be able to produce? Is it going to be a quick learning experince or is it being designed more modular so other people can extend it?

My only suggestion would to be keep it nasm style and make the coder specify sizes on compares, moves, "lea"s and other operations where the size of the operation can be ambigious. It makes the coder have to cocentrate more.

Dave Aitel <daveimmunityinc.com> wrote: -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I note that "Infosecurity Sellout" is claiming there is another bug in
mDNS which is wormable.[1] This is obviously untrue, since there are
no more remote bugs in OS X.

For the record, I did not discover any bugs in mDNS previously. For
the past few days I've been writing an x86 assembler - I'm usually
doing such things. When I'm not doing consulting work, I work on the
guts of CANVAS. This leaves very little time for exploit writing.
Writing an x86 assembler can be fun though. There really aren't very
many good papers on how to do this sort of thing from a practical
perspective so when I'm done, I'll write it up.

- -dave
http://infosecsellout.blogspot.com/2007/07/oh-look-apple-worm.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGm52QB8JNm+PA+iURAteoAJ9MuJfewZyemWN9ojujYmdfeDoZ6QCeKguw
ZMvSX+HkVKafwqk9zIUoO1s=
=ADYC
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave

---------------------------------
Sucker-punch spam with award-winning protection.
Try the free Yahoo! Mail Beta.

_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]