Results 1 to 4 of 4

Thread: Finding Backdoor

  1. #1

    Thread Starter
    Frenzied Member
    Join Date
    Jan 2006
    Posts
    1,875

    Finding Backdoor

    recently i was reviewing one application code (was outsourced to some freelancer) and found code was bypassing credential validation for "xyz" . Tough application was small and was not revealing any confidential data but just wondering is there is any guideline or systematic way to find out these type of glitches,specially when application is quite big.

  2. #2
    Super Moderator Shaggy Hiker's Avatar
    Join Date
    Aug 2002
    Location
    Idaho
    Posts
    40,106

    Re: Finding Backdoor

    Hiding easter eggs and back doors into software has gone on since before Mathew Broderick played Global Thermonuclear War. Slipping one past management has been the motivation for some of the Excel eater eggs over the years, as well as adding a personal signature to a program. If there is one point of login, then you might just examine that area, even in a large project, but that guarantees nothing.
    My usual boring signature: Nothing

  3. #3
    I'm about to be a PowerPoster! mendhak's Avatar
    Join Date
    Feb 2002
    Location
    Ulaan Baator GooGoo: Frog
    Posts
    38,170

    Re: Finding Backdoor

    That's the (great?) thing about backdoors... they can be anywhere. You should probably get a security "expert" to come in and perform the audit. Not only will they have more experience with this but they will also get the blame if they don't find everything

    But if you're going to do it anyways, just use your judgment. It'd help if you could look at the source code and analyze it for defects or holes.

  4. #4

    Thread Starter
    Frenzied Member
    Join Date
    Jan 2006
    Posts
    1,875

    Re: Finding Backdoor

    hmm calling experts for an application worth 1000$ wont be a good option .. as of now reviewing all application entry point and queries for sql injection......hopefully that was the only glitch he had punch in

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width