From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from sonic307-2.consmr.mail.bf2.yahoo.com (sonic307-2.consmr.mail.bf2.yahoo.com [74.6.134.41]) by sourceware.org (Postfix) with ESMTPS id 9404B3858C5F for ; Sun, 24 Sep 2023 18:12:52 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 9404B3858C5F Authentication-Results: sourceware.org; dmarc=pass (p=reject dis=none) header.from=yahoo.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=yahoo.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1695579172; bh=4DcVx5XtOu5DBklD6AE2bnFhDDz9EK8/RJuDWTXcu3s=; h=Date:From:Reply-To:To:In-Reply-To:References:Subject:From:Subject:Reply-To; b=SClv4a1rSL5vR0QgmrdUQXtJi6wgOOzrAc5fda1UFrxQsPq87d/ttnGxWYMbW2hDgSIhVy1jxx4v2ck0lA50Mx1lUUtUVOI4Qhkfat+zzPNGQfGRjxOdABJyELjmB9OelfhGtz/RZQrVwY6eGNZRJ5GQltYqc/Q6DhqhJVITgWmsntW0pFq2mb3HqXBLUWPRPbB/H65H86PzBnTsR+7CDZiuQsK9z5qs3Wbs97oOFmS0AwwmQt2jE2huwmg45qxWX3XmcN3ZQzOmSI265Y1qrwOXZmF1DBywT9aq+gfFzNKbgffrvuDvSIysVFMSVrMm5vyTfElhKdewfqoB611qJQ== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1695579172; bh=NZwHm9fA7YG2LscMewn5kTk7qUPSeVLOB8mIj3+Jiy0=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=NbR5l7E9eEDcVm7iBz1S1A9QF/Dm3HA+ZYJnypGwYe/mRfAymwRilUH/I87P+7o7CWfDR6LoKLw95KIL1WETiFhqLt4WUtsAlYcMssm6dIeV7ohKewAeqb+pDbp3phxCCwEX3nxek+844o9JpSeU3XD8xS9CGOoqx3udQG8L15eVhHfqhC0NkaswU7/P66JFzL1addZfU3VtSD19MpG8DiNEV+B9Pj1VOvTyl6Bt/5WTjKl77myPeDlqcCrYdGZTADN235Tr+MZNAJJ3tUao8Wi4kAukBMRh2pHug8rxrJRlHmpLFNJXH/CGpUoyFPwYW3dt2ZgeggUVAIr5XpgsuQ== X-YMail-OSG: 3SM90esVM1kSo6DtqYOiLSkkqrYuWtItCM.KvPuc3wOMLigZBkvduXSTI9OH2dJ cqAG2cD405Fbk6OSqndOQJ8DbWsJyBMVxvAtCpfPe2G6HU4CFD0Jqd4gwpSzq0wXZfu.frJqjzC0 BmCCGTNonbOlZI3AjFdMQqCZk8iet59BerbCeOvRiYb8jedq_b2YFDzRnO9jK85DaWGOrYVpXfNb Smw5Y5lGGhIQZIfehYpcu_CIb2OlsEs_VEhAxLJ9gSJFWteQ845nhE.VTy0AHjk0Xn0nNVqv2hFA t9a_suudvMz0hFogNS5G69UD6ZY4xglBNRsxGOqB2qoRW6gPmMwmESD_vYQOuAD67ZbyZovw_bGv zE2sTLHTOHaIvNB2hNzdzqWosyo1EixDf4y1yATA7wjt.z3gfAqc1v6vjJBmB0SBBd2Rs.DR02o1 VGqQr1fNxD0KRXaY7fvKWifs61o7JXV8Ny9X_uug7d2WBOVI0a.keHYPAavPCp9LAvo0V6Tq_nVH hHXSwl_bYwTUW7Z40Ty_EHiSZs6jl3u516A_.ixyvEI4OhjvHk8oh.DnItPhDMB4NnM4kuG1L_5t 9NBlgXZmR8rXgN3sKoUUh81H0mU7prTupdsosk41hChT_CRfxltvlJXc7GLdEVHwhaOMx_8rydFy tEojXBr_QHOvxonXOoxM3AKZgSMZlz8bMt4X.KVVdNbEm6eacdq1K9O3TuXdE8U5JFeM.pcbhYQv 7k0Kw9ZA2rV3KpFPyfgo9KkRSXergcMAmLsEkYUX5_bSzVe8rl92wsiM8Qjh6STXkt0mKMrCUx9r 0JXkIJfJ6wAsKx75.0aD7NmQWNP87VKJTzi52BGw7xf0Th2iUcRdGdNL9Es4I51oXAczDa_0Lpye ktxi.MuAXa_kbVoUrB.A.69qbse2vosCbzqhJ9ufhnz7.rZjSdjZELW4rdWGQSxVQtRqm6uy8Cv_ I7N28EZYpZTfZ2h8CSkrBzgAe0mXxVGWZDCudiEkEgf1tzbwkFK3qtEq0CuV4eEIRq3vE76VdeP4 XRMo2OzFBn1u47ow2KyBBzqjTeQLF2hsVf6bltoUlHxNIcAuhuWHn9hcX1b9wDmm6IDc6X7R9085 NPClSrBj7WCa67ymMbkkncl_yx_cY0uFBXuLlY30XxEWz.2o.n6_d76LAOxIP3Is_.ZXCxCTxEYD jhlRIMCFmsZWh8GV59eVjicCvpfs4j.dg_QhoLcQhmxj483hSh3yKefc4OKrMHyQE5_xNqarvW1g zBlHiyccAJL29CPWZ.O8CeTBZriqPrqaV1mWMX8JFC.KDhRUYLUJnvCUrSi.1SyYGfsRsbPHdbcu dkTK2lPHj_iBMVFcE.kJKW436bpN2Fa0Qyl4gRg8QI6WLpLIMX6giCCILpfisYxczEoxDVE.qAd1 EQOuL0HiQysfEPtDd_Pu4UtuRCAWZmvo2rJ5d9.4vKYDAhDUNKM56mI3sVFVgLxe6YXilHTApnkc ZRLnvaqs8mk6ZLhhDJBC3EfzZDxY6dXgInzTiS_mnNaMXbcXDhKVpDQhLnRoZqGAbxrb3UsIp6.3 WYwXJvZZhu2PU7f_AtFek8RZOH_3.9Em_gbvEtwRyz8MQ88eiOO4fMSdGbreDG8mGLV2qoWZSUYz BFEaMUwKBoQ4EfT9Ey6rfIh1JT86m.ms7yNQ6qzidg4mcch2NYp.ny0ZrK2WqmY41_DZFWrj_jGz SwLitVtvbg_jzhl0nnV8_x9MsSfmWGNqCWZpg7RRQMyzntZ0KfHcrTYi.KTQENbfZEtF7SowcSTz Qmj71_2kfqWm3WCm.bdvMowiOrfejvLXdd8G8ErF.GJqkGfxxNA0gN8mJZg3G0m5U5Tx._tBKTpX IOLXjOKm4SnmtqA1Iji1i_abg2eMHi3r95nQMX292JFMYkUF4H_sKkmG5diBurUWQVii.FQzfFYM DAYWNq1.Q5liYNLCOCyNImtqkrkJBv5iTVb5L__avKYZfrVEEuXBMdIGxJePmfxisCuns65l0nQM lxsUA7Rfnt38MxqfOInERGQyBRxCBuIVN0lTH1nH5aMT78lpYGNSk_C_QOGhJql2pW2jQfCg2EzD ioz0Djtu.KhHHPN02LGP.5x4mUfhUy2QxZD7m7C_yOeQkZ5sJnD9epW29phCFCAy7KsPxjD.2cem sAGhewgoiIbBR3bP_OciNWrRwv9uAGcfs3ySBe5.a42EgKXw1aQwxJIj6nCMGBdSgDHCVr.XY.X. eUyfjTvqcwjxIetyb_y46UgM6DdbPqSImrG7pEGWbe9JWjMo_ddTGruxUlja8zWd8deJ3w9Dj498 YZgBCh0xikXLK7dWsM.IT8hjnhRNu3sjLSiOdF69Gr6ZaOw5rtwfHZnhLncJEyUdNKWBD1mHD8MD 9z9OeXcp0XfE- X-Sonic-MF: X-Sonic-ID: ab18af39-721f-4f12-ab2b-b7b0344d199f Received: from sonic.gate.mail.ne1.yahoo.com by sonic307.consmr.mail.bf2.yahoo.com with HTTP; Sun, 24 Sep 2023 18:12:52 +0000 Date: Sun, 24 Sep 2023 18:12:42 +0000 (UTC) From: Jason Long Reply-To: Jason Long To: Guinevere Larsen , SCOTT FIELDS via Gdb Message-ID: <1700896107.3285250.1695579162353@mail.yahoo.com> In-Reply-To: <4e6bdb93-4671-9ee6-5a89-b9ffba797cff@redhat.com> References: <2065504698.3252109.1695560949235.ref@mail.yahoo.com> <2065504698.3252109.1695560949235@mail.yahoo.com> <4e6bdb93-4671-9ee6-5a89-b9ffba797cff@redhat.com> Subject: Re: Debugging vs Reverse Engineering MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_3285249_613188098.1695579162351" X-Mailer: WebService/1.1.21797 YahooMailAndroidMobile X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: ------=_Part_3285249_613188098.1695579162351 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi Larsen,Thank you so much for your reply.Your answer raised other questio= ns in my mind. What do you mean by "Giving the program unexpected or malicious inputs."? D= o you mean Fuzzing? Please take a look at these vulnerabilities: https://www.cvedetails.com/cve/CVE-2022-31705/ https://www.cvedetails.com/cve/CVE-2023-32209/ What technique did the person who found these vulnerabilities use? Debuggin= g or Reverse Engineering? =20 =20 On Sun, Sep 24, 2023 at 4:53 PM, Guinevere Larsen wro= te: On 24/09/2023 15:09, Jason Long via Gdb wrote: > Hello folks,I have two questions: Hello, thanks for the questions! > 1- Can a debugger like GDB be used to find the vulnerability? Yes, you could use GDB to find some security vulnerabilities, though it=20 is hardly the best tool for this job. The kind of stuff you'd find with=20 GDB is a logic mistake that leads to information leaks or similar. In my=20 experience, though, GDB is more useful to look at one unexpected=20 behavior and figure out if that leads to a security vulnerability or=20 not, rather than going form scratch and giving the program unexpected or=20 malicious inputs. > > 2-=C2=A0When a hacker finds a vulnerability in a program, has that hacker= used debugging techniques or reverse engineering? Reverse engineering doesn't necessarily have to do with security.=20 Reverse engineering is the act of getting something that is not=20 understood and trying to understand it without having access to any kind=20 of documentation. I don't recommend running unknown binaries in your=20 machine, since GDB doesn't provide any security, but if you are doing=20 that, stepping slowly and trying to understand how the program works,=20 you are doing reverse engineering. It doesn't have to relate at all to=20 security. With that in mind, the answer to your question is "it depends". The=20 stuff you can find with GDB alone will always involve debugging=20 techinques, but with regards to reverse engineering techniques, the=20 question is does the vulnerability come in from the fact that the=20 attacker knows the internal mechanisms for the program or not? If it=20 does, then yes you could say you found a vulnerability by reverse=20 engineering. > Any idea welcomed. > > Thank you. > I hope this helps! --=20 Cheers, Guinevere Larsen She/Her/Hers =20=20 ------=_Part_3285249_613188098.1695579162351--