Monday, February 18, 2008

DeepSec 2007 - RPC Auditing Tools and Techniques

"RPC interfaces have historically been the source of many high profile vulnerabilities. While the protocol itself is well understood, its specifications make manual auditing tedious and difficult. The strict on-the-wire checks make communicating with an RPC server an aggravating process. Padding issues, complex embedded structures, lack of documentation, alignment, context handles, and debugging issues make crafting large requests near impossible. Our presentation will address all of these issues and we will release tools to automate the RPC auditing process. Our framework will automate the discovery of RPC servers, locating modules that define the interfaces, parsing of IDL files, and generation of client code to speak with the servers."

Video - http://video.google.de/videoplay?docid=4994651985041179755

Slides - http://wiki.deepsec.net/images/8/8d/Deepsec2007_Portnoy_Pierce.pdf

Much respect to my friends at Tipping Point...
