Analyst hours expended: Disassembly / initial analysis 8 Code execution / debug 4 Code tracing / network capture 36 decoder 4 writeup / analysis 8 total 60 @ $33/hour $1980
In security analysis and reverse engineering I have worked in both finding vulnerabilities and designing secured systems and protocols since 1995.
in 1995 I used a similar strategy to the one I have applied here to demonstrate a hole in Microsoft's NT password-change mechanism, allowing an attacker who could simply sniff packets and perform a simple analysis to glean most of the passwords used in an NT Lan. I believe this was the same flaw which was later demonstrated in 'LOphtCrack'.
Copyright © 2002 FW Systems LLC, All Rights Reserved