Well, as for VB auditing, there are several things that one can do. For starters, the best VB analysis tool is definitely NuMega's SmartCheck. Even without sources it can pretty much analyze what the program is doing.

Now, security vulnerabilities in the VB VM aside, the only other places to look for are interactions of the VB program with the environment in which it is running. For example, using external resources of any kind can pose a security threat. Exchanging data with other components (mainly client programs or otherwise untrusted input sources) is hazardous as well. It will be worth looking into how good of an implementation there is in this program. Remember, unexpected behaviour can occur in all sorts of ways, not only exploiting an unchecked buffer.

As for the oldest trick in the book (almost), if there is communication with an external resource which is not written in VB, who knows.

BTW, it is possible to crash a VB program or create some sort of DoS on it. The VM handles it pretty well enough but a vulnerability in the software itself is still a vulnerability.

SmartCheck and other tools can be used to audit the program. For PCODE programs you'd have to approach the matter differently. Probably using some sort of decompiler. Even debuggers can be used (SoftICE comes to mind) if you're experienced enough not to get lost in the bloated code of a VB application.

Eli

On Sun, 16 Feb 2003 19:12:32 +0000, Some d00d <shavidiat_private> wrote:

> Hi folks
>
> I am auditing some network applications and a
> significant number of them are written in MS Visual
> Basic. Has anyone done some work on exploiting VB
> software before? I assume that traditional methods such
> as buffer overflows will not work here.
>
> Are there any tools around for this (such as VB
> disassemblers and de-scramblers)?
>
> Can you point me to any sources of information?
>
> Thanks in advance, SD

--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 08:44:28 PST