views: 130

answers: 2

I wish to know from SO security experts and hackers what kind of tools they would use to find a security hole in Chrome's armor, and using what programming and testing techniques.

I'm particularly interested in Open Source tools running on Linux.

Google announced on the Chrome Web Browser blog that they will pay US$500 for each security bug found. They plan to offer $1337 for major bugs.

Thanks and happy bounty hunting!

+2  A: 

Just my opinion,

If you are not experienced in software, you had better exploit your skills doing some normal application/web app development than try to get money from Google. After all, two days of a freelance developer's time is about $500.

Finding exploits is a difficult task and really requires a huge knowledge of how computers work. There are many techniques to discover exploits, but almost none of them are automatic. If it were just a matter of using a tool, Google would have done it themselves.

As for some basic tools, you can try a fuzzing tool, but I'm not really sure how it would behave with a browser.

RageZ
Thanks, I was just wondering if there are tools to help find security holes in a software product. I do have experience in software, but not that kind of expertise. I don't intend to find bugs in Chrome to make a living. :)
esavard
One way to go is also to download the source and try to use some code analysis tool on it, but like I said, those kinds of tools require a lot of knowledge and are not easy to use ^^ If you are doing that just out of curiosity, I would advise you to read tutorials on the internet and try to find security holes in your own code, if you have coded a network service/daemon in your life. Security and exploit finding got really complex because the complexity of OSes/kernels/just-in-time compilation/obfuscation really changed lately. Good luck.
RageZ
A: 

A couple of points:

  • Read up about fuzzing
  • Read up about Assembly language
  • Obtain a fuzzer
  • Obtain a reverse engineering program / debugger (OllyDbg, IDA Pro)

Sorry I can't be of more help, but I don't do a lot of fuzzing myself. Still, the points above should help you find overflows and whatnot in Chrome, if there are any. Finding exploits like this can be very tricky. I can only imagine the testing Google would give their apps before releasing them, but good luck ;-D