On Mon, Sep 23, 2013 at 4:17 PM, coderman <coderman@gmail.com> wrote:
...
the source code provides "hard coded" keys/passwords or pointers to files where interesting bits lay,
someone asks: "how do you find the interesting sources?"

this is something i pride myself on, having dealt with scores of large enterprise systems and ERP deployments over many years. i'm going to give hints, rather than specifics, but it will be sufficient for the motivated party. (people ask why i rarely distribute code myself - it is because i need every strategic advantage i can get, and custom software, builds, and configurations are part of that operational security. maybe one day...)

orienting yourself in a large code base:

0. you must know how to code in, and what frameworks, libraries, and toolkits are common for, the language at hand.
1. filter all the third party components and sources out. these are not interesting.
2. keyword search for password handling, private keys, hardcoded secrets, etc.
3. keyword search for the public interfaces of interest, or API calls exposed, etc.
4. keyword search for business specific terms, e.g. where does the meat of their business logic reside?

as you become more familiar with how various institutions implement large systems, you get a "sixth sense" or "intuitive" ability to focus in on the relevant parts and identify where shortcuts and oversights are most likely to occur. rinse, repeat, again and again, and eventually you'll find yourself 10x more effective at these tasks, having combined your increasingly accurate intuition with custom scripts and techniques for maximum effectiveness. it's an almost spooky ability when you look at a piece of code and just "know" where the bugs are, and sure enough, you find them right where you expect.
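Steps 1 through 4 of the orientation procedure above, as an added example that is not code from the message or its author: a code-review triage script of the kind a security team runs over its own repositories to find hardcoded credentials, private key files and exposed endpoints before release. The vendored-directory names, the keyword regexes, the placeholder list and the sample tree are all assumptions constructed for the example; the business terms are passed in by the caller because they differ per code base.

```python
"""Triage a large source tree: skip third-party code, then keyword-search for
secret handling, exposed public surface and business-specific terms."""
import math
import re
from collections import Counter
from dataclasses import dataclass
from pathlib import Path

# Step 1: vendored / third-party directories are noise for this task (assumed names).
THIRD_PARTY_DIRS = {"node_modules", "vendor", "third_party", "bower_components",
                    ".git", "dist", "build", "site-packages"}

# Step 2: secret-looking names assigned a string literal, and PEM private key blocks.
# No leading \b so that DB_PASSWORD, X_API_KEY etc. are caught.
SECRET_ASSIGNMENT = re.compile(
    r"""(?i)(password|passwd|secret|api[_-]?key|private[_-]?key|token)\s*[:=]\s*["']([^"']{4,})["']""")
PEM_PRIVATE_KEY = re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----")
# Values that are clearly not real secrets (assumed list); templated values are skipped too.
PLACEHOLDERS = {"changeme", "password", "xxx", "todo", "example", "<redacted>"}

# Step 3: common route/endpoint idioms (Flask-style decorators, Spring, Express) - assumed list.
PUBLIC_SURFACE = re.compile(
    r"""@(?:app|router|bp)\.(?:route|get|post|put|delete)\(|@(?:Request|Get|Post)Mapping|\b(?:app|router)\.(?:get|post|put|delete)\(""")


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    kind: str    # "hardcoded-secret", "private-key", "public-surface", "business-term"
    detail: str


def shannon_entropy(s: str) -> float:
    """Bits per character: random key material scores high, dictionary words low."""
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def is_third_party(relpath: str) -> bool:
    return any(part in THIRD_PARTY_DIRS for part in Path(relpath).parts)


def looks_like_placeholder(value: str) -> bool:
    v = value.strip()
    return v.lower() in PLACEHOLDERS or v.startswith(("${", "%(", "{{"))


def scan_text(relpath: str, text: str, business_terms=()) -> list:
    """Steps 2-4 on one file's contents."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = SECRET_ASSIGNMENT.search(line)
        if m and not looks_like_placeholder(m.group(2)):
            value = m.group(2)
            findings.append(Finding(relpath, lineno, "hardcoded-secret",
                                    f"{m.group(1)} literal, entropy {shannon_entropy(value):.1f} bits/char"))
        if PEM_PRIVATE_KEY.search(line):
            findings.append(Finding(relpath, lineno, "private-key", "PEM private key block"))
        if PUBLIC_SURFACE.search(line):
            findings.append(Finding(relpath, lineno, "public-surface", line.strip()))
        lower = line.lower()
        for term in business_terms:
            if term.lower() in lower:
                findings.append(Finding(relpath, lineno, "business-term", term))
    return findings


def scan_tree(files: dict, business_terms=()) -> list:
    """files maps relative path -> file text; third-party paths are dropped (step 1)."""
    findings = []
    for relpath, text in sorted(files.items()):
        if is_third_party(relpath):
            continue
        findings.extend(scan_text(relpath, text, business_terms))
    return findings


def scan_directory(root: str, business_terms=()) -> list:
    """Load a real checkout into the same shape; binary / undecodable files are skipped."""
    root_path = Path(root)
    files = {}
    for p in root_path.rglob("*"):
        if p.is_file():
            try:
                files[str(p.relative_to(root_path))] = p.read_text(encoding="utf-8")
            except (UnicodeDecodeError, OSError):
                continue
    return scan_tree(files, business_terms)


def summarize(findings) -> Counter:
    return Counter(f.kind for f in findings)


# Constructed sample tree (not from any real project) so the script runs offline.
SAMPLE_TREE = {
    "app/config.py": 'DB_HOST = "db.internal"\nDB_PASSWORD = "s3cr3t-Pa55w0rd-2013"\n',
    "app/settings.example.py": 'DB_PASSWORD = "changeme"\nAPI_KEY = "${API_KEY}"\n',
    "app/api.py": '@app.route("/api/v1/payroll/run", methods=["POST"])\n'
                  'def run_payroll():\n    return settle_invoice()\n',
    "deploy/id_rsa": "-----BEGIN RSA PRIVATE KEY-----\nFAKE-KEY-MATERIAL-NOT-A-REAL-KEY\n"
                     "-----END RSA PRIVATE KEY-----\n",
    "node_modules/lib/auth.js": 'const password = "ignored-vendor-secret";\n',
}

if __name__ == "__main__":
    for f in scan_tree(SAMPLE_TREE, business_terms=["payroll", "invoice"]):
        print(f"{f.path}:{f.line} [{f.kind}] {f.detail}")
```

On the sample tree the script reports the real literal in app/config.py, the PEM block in deploy/id_rsa, the payroll route as exposed surface and the business-term hits, while staying silent on the "changeme" and "${API_KEY}" placeholders and on everything under node_modules. The entropy figure is there to rank hits when a real tree produces hundreds of them; the placeholder list and the vendored-directory set are the two knobs most worth tuning per repository.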