Results 1 to 2 of 2

Thread: Finding vulnerabilities

  1. #1
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003

    Finding vulnerabilities

    How do you find out a vulnerability in a program's code if its not open source..I mean is it just random testing for certain things?

  2. #2
    Senior Member
    Join Date
    Jul 2003
    Yes allot of it is random testing, Ive found several buffer overruns by this method.

    You can also decompile the code and work from there I dont have a great deal of knowledge of doing this, but for most bufferflows it involves some form of input/ memory storage, these can be seen in decompiled code quite easily.

    I have talked only about bufferoverruns as there still one of the most common forms of vunerabilitys but there are other methods such as altering settings or doing something in ways that wouldnt normally be done


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts