View Single Post
Old 04-03-2015, 04:11
Insid3Code's Avatar
Insid3Code Insid3Code is offline
Join Date: May 2013
Location: Algeria
Posts: 80
Rept. Given: 45
Rept. Rcvd 60 Times in 30 Posts
Thanks Given: 23
Thanks Rcvd at 100 Times in 53 Posts
Insid3Code Reputation: 60
Yes, releasing something (vulnerability/exploit) that can be used for malicious purposes by bad guys is always problematic, but IMHO expose a vulnerability (to the author first, then to the public after that the fix was released) can help developers and users to be better protected.

In VM detection case, EP_X0FF work around known tricks used by malware authors in real life, and malware authors also search what is new (Underground/Private forums). Do not expose these tricks lead to more victims.

Collect and expose all VM detection tricks in open source project can help also all RCE Newbies to better learn and test binary analysis.
Computer Forensics
Reply With Quote
The Following User Gave Reputation+1 to Insid3Code For This Useful Post:
user1 (04-03-2015)
The Following 2 Users Say Thank You to Insid3Code For This Useful Post:
Indigo (07-19-2019), user1 (04-03-2015)