Re: ActiveX object analysis tools?

From: Tri Huynh (trihuynh@zeeup.com)
Date: Fri Oct 31 2003 - 04:56:22 EST


Hi,

There are a couple of tools that can help you analyze ActiveX security.
One is COMBust
(http://www.atstake.com/research/tools/vulnerability_scanning/), which can
automatically fuzz the IDispatch interface of an ActiveX control. But this
tool is kind of lame to me; however, if you are interested in it, there is
a presentation about it somewhere on the BlackHat site. Another good tool
is DrCom (http://www.atstake.com/research/tools/vulnerability_scanning/),
which is not free though. It allows you to see the behavior of the ActiveX
objects and also lets you invoke the functions manually. Hope that helps.

Trihuynh
Sentryunion

----- Original Message -----
From: "Greg Owen" <gowen-pentest@swynwyr.com>
To: <pen-test@securityfocus.com>
Sent: Thursday, October 30, 2003 12:24 PM
Subject: ActiveX object analysis tools?

>
> Any recommendations for tools that would be helpful analyzing an ActiveX
> object?
>
> I assume that some of the standard MSDE tools would help enumerate
> interfaces. Any other tools? Frameworks for input fuzzing? Guidelines
> or methodologies?
>
> Any help is appreciated.
>
> --
> gowen -- Greg Owen -- gowen-pentest@swynwyr.com
> 79A7 4063 96B6 9974 86CA 3BEF 521C 860F 5A93 D66D

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:41 EDT