From: dullien@gmx.de
Date: Fri Mar 29 2002 - 11:43:26 EST
Hey all,
m2ci> Turns out this is just one part of the fuzz concept (and ours). Oh and sorry,
m2ci> sorry, I was far from claiming it as "my technique". :) I can't remember and
m2ci> know about everything new someone thinks of. In any case, I was just sharing
m2ci> some personal work experience in using shared libraries for binary testing.
Just one note on how ooooold (yawn) dynamic-link redirection/hooks
are: In August 1998 it was a known & published technique....
http://www.users.one.se/~stone/window.htm
(search for everything in relation to API-Hooks)
IIRC, Win32.Cabanas was the one of the first Win32-Virii which
utilized same technique to go per-process resident -- and that virus
was found in-the-wild in 1997 ...
Personally, I think security experts should be forced to read up on
virus history... they've been through a lot of shit that gets
're-invented' and 'sold' to the media these days...
Cheers,
dullien@gmx.de
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:28:02 EDT