Bug Finding - K.K.Mookhey

  1. Bug-finding, K. K. Mookhey, Network Intelligence India Pvt. Ltd.
  2. Main types
     • Mainly two types of audits
       • Assembly or Black Box
       • Open Source
  3. Looks Familiar?
  4. Assembly Audit
     • Use tools mainly
     • Look for assembly equivalents of strcpy, strcat, sprintf, etc.
     • Figuring out the actual path of execution is the challenge
     • Not recommended
     • Less ROI
  5. Black Box
     • Snapshot the system before software installation
       • Registry Keys (Regmon)
       • Open Files (Filemon)
       • Open Network Connections (Netmon)
     • All tools are from www.sysinternals.com
  6. Black Box - 2
     • Install software
       • Note new files added
       • Note new registry keys added
       • Check ACLs on these; they could be a source of potentially malicious input
     • Run software
       • Again snapshot the system
         • Open Reg keys, Net connections, files, etc.
  7. Black Box - 3
     • Basic Approach
       • Determine all input avenues to the software
       • Imagine, as programmers, what data structures we would read the data into
       • What input checking could the programmer have missed?
         • Length (Buffer Overflows)
         • Meta characters (SQL Injection, XSS)
         • Format string characters (Format string bugs)
  8. Black Box - 4
     • Determine bugs in other such software
     • Try those out in your target
  9. Methods for Black Box
     • Can be done individually
     • More productive if done with a team of 2-3 people
     • Too many people reduce productivity
     • One person alone might miss some obvious tests
  10. Open Source
     • Use RATS for automated code audit
     • Then go to each function, sub-routine
     • Determine inputs
     • Check filtering of inputs
     • Check processing of inputs
     • Follow program execution to see where the original input comes from
  11. General Guidelines
     • When testing software, go especially to the new features that have been added
     • The older modules are likely to be more tested and stable
     • Do the unexpected: go where no one expects you to go
  12. Closing
     • Happy bug hunting
     • Questions?
