Sign in to follow this  
Followers 0
hidden_user

finding exploits in a program

7 posts in this topic

Well I have several questions to ask about this. How do people find exploits in a software program? do they just sit there and read over the code of it and try to figure out what can go wrong or is there some secret to it? What programs are used to find exploits in software?

0

Share this post


Link to post
Share on other sites

It depends on what you are looking for a vulnerability in and what kind of vulnerability. When you have source available, it is one of the ways that they can be found by not the only. One of the choices is fuzzing which is attempting to try unexpected input which the program may not handle correctly. Sometimes bugs are found just through normal use and they can later be confirmed as being exploitable. If you really want to understand how to find and exploit vulnerabilities, I'd suggest learning as much as you can about programming as it really is the only way to do so.

0

Share this post


Link to post
Share on other sites

Some programs - Disassemblers (IDA Pro), Decompilers, Hex Editors, Resource Viewers, some Hacking Tools (check out http://sectools.org/), and on and on...

Consider looking into reverse engineering. Books such as "Reversing: Secrets of Reverse Engineering" and "

Hacking: The Art of Exploitation" -- these will cover things on how to identify structures, routines, etc.

Also, you may want to check out Fravia's labyrinth of knowledge at fravia.com

teque

0

Share this post


Link to post
Share on other sites

I got a friend of mine to lend me Reversing: Secrets of Reverse Engineering and it is really good and teaches you ASM as well. It shows lots of different ways to reverse engineer programs. thanks for the help.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0