by schuyler2d 802 days ago
Quite rightly, most attention has been on the operational success of the backdoor and how it achieves its goals.

But I would love some deeper analysis of the mistakes and over-engineering parts. In the Bryan Cantrill interview [1], Andres suggests there are a lot of dumb things done because it was a kind of off-the-shelf backdooring piece that didn't necessarily know how it would be deployed. E.g. the symbol table lookup that led him to investigate.

Similarly, why were they chopping off 48 bytes using RC4 [2]?

So I'd love folks to talk about how (given more time/a better team) this could have been done better, or where they messed up more.

[1] https://youtu.be/jg5F9UupL6I?si=gvXsYFXgagkGOMd4
[2] https://twitter.com/matthew_d_green/status/17744729080201014...