Peter Bondra wrote:
>
> Hello
> I am interested in how you may go about analyzing a binary file to
> determine potential format string or buffer overflow holes.
>
> The platforms I am testing are: SunOS Solaris 2.7/8/9 (SPARC) and Windows
> NT/2000/XP.

You may want to take a look at http://sourceforge.net/projects/bugscam. I never tried it, but I know its main developer, Mr. Halvar Flake. He's very well known and respected when it comes to reverse engineering.

Anyway, remember, always remember, that any tool is only good in the hands of somebody who can use it... I mean, no tool will find all the bugs, tools will only, hopefully, make the auditor's life easier... unless you are only interested in finding some bugs, and not all.

Oh, uhm... you will need IDApro (http://www.datarescue.com), but if you are going to analyze binary files you'll need it anyway.

gera

PS: from BugScam Readme

This is the preliminary readme file for BugScam.

BugScam is a collection of scripts for the commercial debugger IDA Pro (http://www.datarescue.com) that will scan a given binary for problematic uses of certain library functions (e.g. strcpy etc) and generate a nice output file (HTML so far, LaTeX soon).

Its release was inspired by the fact that I had libaudit.idc (the "core" engine) lying on my hard disk since early 2001, and never thought someone would bother with something this simple -- but now in 2003 one can find commercial products with almost identical functionality on the Web, and as such I decided to release this as OpenSource.
This archive was generated by hypermail 2b30 : Mon Aug 11 2003 - 15:10:32 PDT