bashing your head against nation-state social engineering
On 2014-09-28 15:47, Subrosa.io wrote:
> I think this vulnerability should have been discovered with any kind of basic fuzzing.
If I understand the vulnerability correctly, it occurs in very specific
circumstances, namely trailing data at the end of a function definition
that's transported in an environment variable.
In that case, I'd venture that *no* kind of "basic fuzzing" could have
uncovered this; the proportion of ShellShock-inducing environment
variable definitions among all possible environment variables is simply
too small.
What you would need instead is very specific syntax-directed fuzzing,
and even then I'm not sure that you have a decent chance of discovering
this without knowing already that it's there.
Fun,
Stephan
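The condition Stephan describes (trailing data after a function definition carried in an environment variable) is also exactly what a defender checks for when verifying that a bash build is patched. The following script is an added example and is not part of the original post; it assumes that `bash` is on `PATH`, and the probe variable name `probe` and the body `() { :;}; echo vulnerable` are constructed for the check. A patched bash imports nothing from such a variable and prints only `ok`; an unpatched one would also execute the trailing command while importing the environment.

```shell
#!/bin/sh
# Added example (not from the original thread): report whether the bash on
# PATH still executes trailing data that follows an exported function
# definition in an environment variable. Assumes 'bash' is installed.

shellshock_status() {
  # Prints one of: "patched", "vulnerable", "no-bash".
  # Return codes: 0 = patched, 1 = vulnerable, 2 = no bash found.
  if ! command -v bash >/dev/null 2>&1; then
    echo "no-bash"
    return 2
  fi

  # Constructed probe value: a minimal function body followed by trailing
  # data. The child bash only needs to import its environment; the command
  # it is asked to run ('echo ok') is harmless and fixed.
  out=$(env probe='() { :;}; echo vulnerable' bash -c 'echo ok' 2>/dev/null)

  case "$out" in
    *vulnerable*)
      echo "vulnerable"
      return 1
      ;;
    *)
      echo "patched"
      return 0
      ;;
  esac
}

# Usage: run the check once and report the result.
shellshock_status
```

The check is deliberately narrow: it only covers the original function-import path Stephan refers to, so a `patched` result means the imported-function parser no longer runs trailing data, not that every later bash parser issue is absent. Run it on each host or container image after patching rather than relying on a package version string alone.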