From: Dave Aitel (dave immunityinc.com)
Date: Tue Aug 14 2007 - 13:55:15 CDT
Is the ISC site down because they got owned or just because they rm'd
something by mistake? How are we going to find out who's a CISSP now?!?
More stuff inline...
Julien Vanegue wrote:
>> Dave Aitel wrote:
>>
>> If I had a quarter for every time someone said to me they were
>> going to reverse a binary into an intermediate language and do
>> slicing on it to find all the bugs, I'd ... well, I'd be able to
>> buy some ice cream at least.
>
> I guess your point is not to state that these techniques are not
> working, since many tools in the academic world are already doing
> this on source code. Maybe that's why people talk about it?
> Binary-level tools that include program transformation facilities
> also start to appear even if there is no commercial environment
> (afaik) providing it.
I'm sure that almost any static analysis will find SOME bugs. My
opinion is that static analysis is not a game changing event, and
never will be.
In the source code world you have Microsoft's Prefix/Prefast and
Fortify (comes free with the Static Analysis book!) and their
competitors. These are all quite well engineered and have strong
academic credentials, but none of them work. But I have yet to run the
ERESI stuff! So perhaps I will change my entire opinion next week when
I get a chance to do so. :>
>>
>> http://www.immunityinc.com/images/immdbg-stackvars.png
>
>
> Is this script bringing a real innovation, or is it just a
> presentation of the well-known feature of local variables
> recognition with some additional warning messages?
>
This is a quickie 2-day demo script. Also included as "automatic
analysis" is a simple strncpy(dest, src, strlen(src)); bug finder.
Mostly API documentation in script form.
-dave
_______________________________________________
Dailydave mailing list
Dailydave lists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
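
The strncpy(dest, src, strlen(src)) pattern mentioned in the message takes its bound from the source string rather than from the destination buffer, so the length argument limits nothing and the copy is left without a terminating NUL. The following is an added example, not the Immunity Debugger script and not code from the original post: a source-level Python check that flags strncpy calls whose size expression is built from strlen of the source argument (it also catches the `strlen(src) + 1` variant). The function names and the C sample are assumptions constructed for illustration.

```python
import re
CALL = re.compile(r"\bstrncpy\s*\(")

def call_args(text, open_idx):
    """Split the call whose '(' is at open_idx into top-level arguments."""
    args, depth, start = [], 0, open_idx + 1
    for i in range(open_idx, len(text)):
        ch = text[i]
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0:
                args.append(text[start:i].strip())
                return args
        elif ch == "," and depth == 1:  # commas in nested calls do not split
            args.append(text[start:i].strip())
            start = i + 1
    return []  # unbalanced parentheses: skip rather than guess

def find_source_bounded_strncpy(source):
    """Return (line, dest, src) for strncpy calls sized by strlen(src)."""
    squash = lambda s: re.sub(r"\s+", "", s)
    findings = []
    for m in CALL.finditer(source):
        args = call_args(source, m.end() - 1)
        if len(args) != 3:
            continue
        dest, src, size = args
        # Compare with whitespace removed so "strlen( x )" matches "x".
        if "strlen(" + squash(src) + ")" in squash(size):
            findings.append((source.count("\n", 0, m.start()) + 1, dest, src))
    return findings

# Constructed sample input, not code from the page.
SAMPLE = """\
void a(char *in, struct req *r) {
    char buf[16], name[32];
    strncpy(buf, in, strlen(in));
    strncpy(buf, in, sizeof(buf) - 1);
    strncpy(name, r->name,
            strlen( r->name ) + 1);
    strncpy(name, get(r, 1), strlen(other));
}
"""

if __name__ == "__main__":
    for line, dest, src in find_source_bounded_strncpy(SAMPLE):
        print(f"line {line}: strncpy into {dest} is bounded by strlen({src})")
```

This is a textual match, so it will also fire on the pattern inside comments or string literals and will miss a length that was stored in a variable first.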