Flayer: Exposing application internals

1st USENIX Workshop on Offensive Technologies, WOOT 2007

Volumn , Issue , 2007, Pages

  Drewry, Will ^a   Ormandy, Tavis ^a  

^a GOOGLE INC   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CODES (SYMBOLS); DATA FLOW ANALYSIS; DIGITAL LIBRARIES; TESTING;

DYNAMIC BINARY INSTRUMENTATION; DYNAMIC INSTRUMENTATION; FAULT INJECTION TESTING TECHNIQUE; SECURITY TESTING; SECURITY-CRITICAL; SOFTWARE SECURITY; TAINT PROPAGATION; TARGET APPLICATION;

APPLICATION PROGRAMS;

EID: 85084164001     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (33)

1. Gnu gdb. http://www.gnu.org/software/gdb/.
2. Libtiff. http://http://www.remotesensing.org/libtiff/.
3. Openssh. http://www.openssh.org.
4. D. Aitel. The advantages of block-based protocol analysis for security testing. http://www.immunitysec.com/resources-papers.shtml, 2002.
5. D. Aitel. Spike. http://www.immunitysec.com/resourcesfreesoftware.shtml, 2003.
6. Beyond Security, Inc. Bestorm 2.0 whitepaper. http://www.beyondsecurity.com/bestorm whitepaper.html, September 2006.
7. R. S. Boyer, B. Elspas, and K. N. Levitt. Select: a formal system for testing and debugging programs by symbolic execution. In Proceedings of the international conference on Reliable software, pages 234–245, New York, NY, USA, 1975. ACM Press.
8. C. Cadar, V. Ganesh, P. M. Pawlowski, D. L. Dill, and D. R. Engler. Exe: automatically generating inputs of death. In Proceedings of the 13th ACM conference on Computer and communications security, pages 322–335, Alexandria, Virginia, USA, 2006.
9. DataRescue sa/nv. Ida pro. http://www.gnu.org/software/gdb/.
10. J. DeMott and Applied Security, Inc. Evolutionary fuzzing system. http://appliedsec.com/resources.html, May 2007.
11. M. Eddington. Peach. http://peachfuzz.sourceforge.net/README.txt, May 2004.
12. P. Godefroid, M. Levin, and D. Molnar. Automated whitebox fuzz testing. Technical Report MSR-TR-2007-58, Microsoft, May 2007.
13. Y. Goland, E. Whitehead, A. Faizi, S. Carter, and D. Jensen. Http extensions for distributed authoring – webdav. http://www.ietf.org/rfc/rfc2518.txt, February 1999.
14. B. Miller, L. Fredriksen, and B. So. An empirical study of the reliability of unix utilities. pages 32–44, December 1990.
15. D. A. Molnar and D. Wagner. Catchconv: Symbolic execution and run-time type inference for integer conversion errors. Technical Report UCB/EECS-2007-23, EECS Department, University of California, Berkeley, February 4 2007.
16. A. Moser, C. Kruegel, and E. Kirda. Exploring multiple execution paths for malware analysis. sp, 0:231–245, 2007.
17. N. Nethercote and J. Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. In Proceedings of PLDI 2007, San Diego, California, USA, June 2007.
18. J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Proceedings of the Network and Distributed System Security Symposium (NDSS 2005), 2005.
19. L.”pusscat” Grenier and Lin0xx. Byakugan: Automating exploitation. In ToorCon Seattle, Pioneer Square, Seattle, Washington, USA, May 2007.
20. J. Röning, M. Lasko, A. Takanen, and R. Kaksonen. Protos - systematic approach to eliminate software vulnerabilities. In Invited presentation at Microsoft Research, Seattle, USA, May 2002.
21. J. Seward and N. Nethercote. Using valgrind to detect undefined value errors with bit-precision. In Proceedings of the USENIX’05 Annual Technical Conference, Anaheim, California, USA, April 2005.
22. The MITRE Corporation. CVE-2006-3459. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459, July 2006.
23. The MITRE Corporation. CVE-2006-3460. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460, July 2006.
24. The MITRE Corporation. CVE-2006-3461. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461, July 2006.
25. The MITRE Corporation. CVE-2006-3462. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462, July 2006.
26. The MITRE Corporation. CVE-2006-3463. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463, July 2006.
27. The MITRE Corporation. CVE-2006-3464. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464, July 2006.
28. The MITRE Corporation. CVE-2006-3465. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465, July 2006.
29. The MITRE Corporation. CVE-2006-4343. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343, August 2006.
30. The MITRE Corporation. CVE-2006-4924. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924, September 2006.
31. The MITRE Corporation. CVE-2006-5793. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793, November 2006.
32. M. Vuagnoux. Autodafé: an act of software torture. Technical report, Swiss Federal Institute of Technology (EPFL), Cryptograhy and Security Laboratory (LASEC), August 2006.
33. M. Weiser. Program Slices: Formal, Psychological, and Practical Investigations of an Automatic Program Abstraction Method. PhD thesis, 1979.