The following weekly goals were identified last week:
1. Identify another application with a known vulnerability: In the beginning of the week, an exploit search was performed and another application
with a known vulnerability was identified. cTorrent is a torrent application which has a buffer overflow vulnerability and a known exploit for this vulnerability.
The exploit converts a .torrent file in the exploit, and when this .torrent file is run under ctorrent, it causes a Segmentation fault. The remainder of the week
was dedicated to understanding the characteristics of the application and its exploit. In conclusion, the characteristics of the exploit are not fully known, however,
the testing that was performed allowed us to change our view of our research, which will be explained more fully in detail once the details are known.
You can view my Progress Report of the current research performed here
Next Week: identify additional applications that can be run under systrace
This research is sponsored by NSERC and the Canadian Distributed Mentorship Project.
/ Ending Area of Table //>
best viewed with Internet Explorer 7.0 or Mozilla Firefox 2.0