Re: VisualBasic auditing

From: Cesar (cesarc56at_private)
Date: Tue Feb 18 2003 - 12:12:02 PST

Next message: exceat_private: "Is this an off-by-one overflow?"

Previous message: Rob Shein: "RE: VisualBasic auditing"
In reply to: Some d00d: "VisualBasic auditing"
Next in thread: gr00vy: "Re: VisualBasic auditing2"
Next in thread: Voguemaster: "Re: VisualBasic auditing"
Reply: gr00vy: "Re: VisualBasic auditing2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You can exploit SQL injection in Visual Basic
applications. Also some applications have
authentication (users and passwords) information built
in the code, so you can look at the .exe using strings
(from sysinternals), hex editors, etc.

Cesar.
--- Some d00d <shavidiat_private> wrote:
> 
> 
> 
> 
> Hi folks
> 
> 
> 
> 
> I am auditing some network application and a 
> significant number of them are written in MS Visual 
> Basic. Have anyone done some work on exploiting VB 
> software before? I assume that traditional methods
> such 
> as buffer overflows will not work here.
> 
> 
> 
> 
> Are there any tools around for this (such as VB 
> disassemblers and de-scramblers)?
> 
> 
> Can you point me to any sources of information?
> 
> 
> 
> 
> Thanks in advance, SD

__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com

Next message: exceat_private: "Is this an off-by-one overflow?"
Previous message: Rob Shein: "RE: VisualBasic auditing"
In reply to: Some d00d: "VisualBasic auditing"
Next in thread: gr00vy: "Re: VisualBasic auditing2"
Next in thread: Voguemaster: "Re: VisualBasic auditing"
Reply: gr00vy: "Re: VisualBasic auditing2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Feb 18 2003 - 12:19:09 PST