From: Guinevere Larsen via Gdb
To: Jason Long, SCOTT FIELDS via Gdb
Date: Sun, 24 Sep 2023 15:23:03 +0200
Subject: Re: Debugging vs Reverse Engineering
Message-ID: <4e6bdb93-4671-9ee6-5a89-b9ffba797cff@redhat.com>

On 24/09/2023 15:09, Jason Long via Gdb wrote:
> Hello folks, I have two questions:

Hello, thanks for the questions!

> 1- Can a debugger like GDB be used to find the vulnerability?

Yes, you could use GDB to find some security vulnerabilities, though it is hardly the best tool for this job. The kind of stuff you'd find with GDB is a logic mistake that leads to information leaks or similar. In my experience, though, GDB is more useful to look at one unexpected behavior and figure out if that leads to a security vulnerability or not, rather than going from scratch and giving the program unexpected or malicious inputs.

>
> 2- When a hacker finds a vulnerability in a program, has that hacker used debugging techniques or reverse engineering?

Reverse engineering doesn't necessarily have to do with security.
Reverse engineering is the act of getting something that is not understood and trying to understand it without having access to any kind of documentation. I don't recommend running unknown binaries in your machine, since GDB doesn't provide any security, but if you are doing that, stepping slowly and trying to understand how the program works, you are doing reverse engineering. It doesn't have to relate at all to security.

With that in mind, the answer to your question is "it depends". The stuff you can find with GDB alone will always involve debugging techniques, but with regards to reverse engineering techniques, the question is does the vulnerability come in from the fact that the attacker knows the internal mechanisms for the program or not? If it does, then yes you could say you found a vulnerability by reverse engineering.

> Any idea welcomed.
>
> Thank you.
>

I hope this helps!

-- 
Cheers,
Guinevere Larsen
She/Her/Hers