From: Jason Long <hack3rcon@yahoo.com>
To: Paul Koning <paulkoning@comcast.net>
Cc: Eli Zaretskii via Gdb <gdb@sourceware.org>
Subject: Re: Is GDB just for bug hunting?
Date: Thu, 15 Apr 2021 08:24:14 +0000 (UTC) [thread overview]
Message-ID: <1476048927.1326221.1618475054655@mail.yahoo.com> (raw)
In-Reply-To: <40861674-D931-44C6-A4CE-50DC6516DEDF@comcast.net>
Thank you so much.
Thus, anybody that find a vulnerability in a software is a Reverse Engineer and not a Debugger. Am I right?
I searched in the Youtube.com and realized that someone use GDB for Reverse Engineering!!!
Can you introduce me a book about GDB or debugging that is OK for a beginner?
On Wednesday, April 14, 2021, 11:18:28 PM GMT+4:30, Paul Koning <paulkoning@comcast.net> wrote:
> On Apr 14, 2021, at 2:37 PM, Jason Long <hack3rcon@yahoo.com> wrote:
>
> Thank you for your useful info.
> If a program is close source, then code review canceled. Thus, how a security researcher finds a vulnerability in a program?
Agreed, code review only applies if the source is visible. More precisely, if the source is allowed to be disclosed; researchers looking at the code while under NDA does not count and serves no significant purpose.
In those case, you're left with test stimuli and reverse engineering. For "never seen before" defects, you either need luck (an existing test happens to catch it) or a different kind of luck (you created a new test that happens to catch it) or lots of skill (you saw the issue during a reverse engineering session).
GDB can help with reverse engineering. It's probably not ideal for disassembly let alone decompiling, but it does offer disassembly and it also gives you insight into the state of the running application and how it changes during execution.
paul
prev parent reply other threads:[~2021-04-15 8:24 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <581661034.1177110.1618422536149.ref@mail.yahoo.com>
2021-04-14 17:48 ` Jason Long
2021-04-14 18:02 ` Paul Koning
2021-04-14 18:37 ` Jason Long
2021-04-14 18:48 ` Paul Koning
2021-04-14 19:05 ` Joel Sherrill
2021-04-15 8:24 ` Jason Long [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1476048927.1326221.1618475054655@mail.yahoo.com \
--to=hack3rcon@yahoo.com \
--cc=gdb@sourceware.org \
--cc=paulkoning@comcast.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).