Our company is interested in working with experienced security researchers on a project to project basis or even long term hiring if the skills are adequate.
The candidate is required to identify a security flaw in one of the following software:
- Microsoft Internet Explorer (should work on 6, 7 or 8)
- Microsoft Outlook (should work on 2003 and/or latest)
- Microsoft Word (should work on all release major and including Word 2000 til latest beta)
- Microsoft Exchange and Microsoft Servers
A skilled security programmer is required to find a security vulnerability in one of this software by using the desidered technique (fuzzing for example).
The vulnerability must be exploitable.
The vulnerability must be exploited, meaning that it should be possible to execute (by subverting the application logic) code by exploiting the vulnerability.
The vulnerability must not be already known.
The exploit demostration should download a file from the net via http and write it in c:\[url removed, login to view] .
The exploit should work on the latest release of the vulnerable application with all the latest vendor's patches applied.
Communication of the results must be provided trough encrypted .zip file with password agreed by phone (SMS).
The exploit should be written in c, c++ or with the Metasploit framework.
Please DO NOT provide public exploit and/or public vulnerability already know in the security community and/or by the software vendor.
NOTICE on the USAGE:
We are a security company working in security verification and penetration testing consultancy and those tools are used in fully legal activity authorized by customers. Security testing require the usage of tools capable of leaveraging the security sensibility trough results.
8 freelancer bu iş için ortalamada 1231$ teklif veriyor
Allow me to offer our services "The Werx" is fully equipped to handle vulnerabilities exploration, and document fully of the findings. I look forward to your reply.