Comments on: How to pwn PWN2OWN http://www.tssci-security.com/archives/2008/03/27/how-to-pwn-pwn2own/ top secret/secure computing information Thu, 01 Apr 2010 15:34:41 -0500 http://wordpress.org/?v=2.8.6 hourly 1 By: David Molnar http://www.tssci-security.com/archives/2008/03/27/how-to-pwn-pwn2own/comment-page-1/#comment-5344 David Molnar Fri, 28 Mar 2008 04:26:46 +0000 http://www.tssci-security.com/archives/2008/03/27/how-to-pwn-pwn2own/#comment-5344 "For Leopard and Vista, EFS as first-pass and Catchconv (with vgprof, STP, and a copy of “Open-Source Fuzzing”) as second-pass are going to be ideal choices, although EFS requires IDA Pro and IDAPython (for PIDA file generation)." wait, Catchconv requires Valgrind. Since when does Valgrind run on Vista? There is a Leopard port, but as far as I know it hasn't yet been released. I'd _love_ to hear about it if it has. “For Leopard and Vista, EFS as first-pass and Catchconv (with vgprof, STP, and a copy of “Open-Source Fuzzing”) as second-pass are going to be ideal choices, although EFS requires IDA Pro and IDAPython (for PIDA file generation).”

wait, Catchconv requires Valgrind. Since when does Valgrind run on Vista? There is a Leopard port, but as far as I know it hasn’t yet been released. I’d _love_ to hear about it if it has.

]]> By: Bert JW Regeer http://www.tssci-security.com/archives/2008/03/27/how-to-pwn-pwn2own/comment-page-1/#comment-5341 Bert JW Regeer Fri, 28 Mar 2008 03:56:41 +0000 http://www.tssci-security.com/archives/2008/03/27/how-to-pwn-pwn2own/#comment-5341 I find it a bit naive to think that Mac OS X would not be a strong target. There have been many vulnerabilities in Mac OS X applications over the past few months, and Leopards randomised stack is not even turned on for most applications. Mac OS X would have been my first guess to go, since it will get more "geek" credit than a Windows machine, not only that it will once again show that Apple is not as strong as it suggests. Safari has been hit lately by a few bugs, especially 3.1. There is a DoS that can happen when certain JavaScript is executed, and there are some problems parsing images. And those are ones I know about because of just browsing the web. I find it a bit naive to think that Mac OS X would not be a strong target. There have been many vulnerabilities in Mac OS X applications over the past few months, and Leopards randomised stack is not even turned on for most applications. Mac OS X would have been my first guess to go, since it will get more “geek” credit than a Windows machine, not only that it will once again show that Apple is not as strong as it suggests.

Safari has been hit lately by a few bugs, especially 3.1. There is a DoS that can happen when certain JavaScript is executed, and there are some problems parsing images. And those are ones I know about because of just browsing the web.

]]>