Flash, Fuzzing and Girls.
A short update of developments this week. Let's start with how to impress girls.
Firefox Heap Corruption.
Okay, onwards with heap fun.
VBScript Fuzzing.
I wrote a small VBScript fuzzer for Internet Explorer, mainly to fuzz objects. The reason is that regular JavaScript is somewhat protected from overflowing the heap in loops: Internet Explorer sees a huge loop and either kills it or asks you to kill it. I noticed that with VBScript this isn't the case; it lets the code run until it runs out of memory or overflows the heap, and only gives a warning or crashes after the overflow has happened. That is neat, because it makes the results more reliable.
Fuzzing the Flash object.
Browser Hacking 1: Testing Your Code.
Today I'll let you in on a trick I developed. One problem for many researchers is that when they find a browser issue or vulnerability, they must test it on different platforms and different setups to guarantee that the vulnerability works in most cases. From an attacker's standpoint this is even more crucial, because it is important to know that an exploit works on different systems and browsers. The problem is, how do you arrange that?