Our company is interested in working with experienced security researchers on a project to project basis or even long term hiring if the skills are adequate.
The candidate is required to identify a security flaw in one of the following software:
- Microsoft Internet Explorer (should work on 6, 7 or 8)
- Microsoft Outlook (should work on 2003 and/or latest)
- Microsoft Word (should work on all release major and including Word 2000 til latest beta)
- Microsoft Exchange and Microsoft Servers
A skilled security programmer is required to find a security vulnerability in one of this software by using the desidered technique (fuzzing for example).
The vulnerability must be exploitable.
The vulnerability must be exploited, meaning that it should be possible to execute (by subverting the application logic) code by exploiting the vulnerability.
The vulnerability must not be already known.
The exploit demostration should download a file from the net via http and write it in c:\[url removed, login to view] .
The exploit should work on the latest release of the vulnerable application with all the latest vendor's patches applied.
Communication of the results must be provided trough encrypted .zip file with password agreed by phone (SMS).
The exploit should be written in c, c++ or with the Metasploit framework.
Please DO NOT provide public exploit and/or public vulnerability already know in the security community and/or by the software vendor.
NOTICE on the USAGE:
We are a security company working in security verification and penetration testing consultancy and those tools are used in fully legal activity authorized by customers. Security testing require the usage of tools capable of leaveraging the security sensibility trough results.
8 freelancers are bidding on average $1231 for this job
Hello, Bid is from web application experts. Please see the PMB for more detail about us. Cheers, InfyAgent
I am already working in security domain and very good in c and c++ programming. I think i can complete this project with in the projected time.
Allow me to offer our services "The Werx" is fully equipped to handle vulnerabilities exploration, and document fully of the findings. I look forward to your reply.
we have our firewall ,IDS code ourself, interested this project we can offer some sample of application code if u need
Hi, I would like to do that. I have 9 yrs of exp in C/C++. Thanks
Please see my profile. I am a information security auditor and a ethical hacker who is confident enough to take this project.
Hi , Thank for the opportunity . We have several years of experience in Java, J2EE, Servlets, JSP, Struts, Spring, Hibernate, JavaBeans ,Java Script, XML., Hibernate, JDBC/ODBC , Spring Framework and configuring Daha Fazla