Entries with no category
I have my own talk from CanSecWest to blog about, but this one is more interesting and the most awaited one. So here are the slides; I will add my own analysis and test cases to this blog entry later. The interesting thing is that we had this technique discussed on Garage in November: http://www.garage4hackers.com/f22/wi...innu-3080.html .
Yu Yang @tombkeeper did a demo of the technique on Ms013-08, and it does not ever need a heap spray for his ASLR/DEP bypass.
Last week a friend asked a few queries regarding use-after-free vulnerabilities. It's been a while since I wrote a tutorial, so I thought of cooking up a beginner's guide this weekend. I wanted a live target for the tutorial, so my plan was to run my fuzzer on an old version of IE 6, since it is easy to find a bug in and it's not worth blogging any new version's 0-day. Anyway, I picked up the first test case IE crashed on and
6 months back I did a presentation on Mac OSX 64-bit ROP shellcodes at the Null monthly meet, where I took two different sessions explaining the 64-bit architecture in detail and Mac OSX 64 ROP shellcode. Today I was browsing through some old stuff and came across the PPT I used back then. The slides only contain the first day's presentation, and I can't find the second day's PPT.
I am sharing it over here. There is nothing new.
My ekoparty.org [Argentina] and NU [Delhi] talk, and also Ruxcon [Australia] and BlackHat [Abu Dhabi], which I couldn't make it to.
What is this paper about:
Input validation attacks and memory corruption attacks are common, and the
criticality of finding a DoS attack on a service like HTTP is considered very high,
considering the attack surface and ease of attack. Even if we could trigger an
exception in an
This would be part 1 of my C0C0n talk, where I demonstrated a few PHP 0-days, local and remote. The entire concept of the talk was demonstrating attacks on web applications via scripting engines.
In a common web app test we manipulate input that a common end user controls and check for responses from the app. But since the data passed is processed by the PHP, ASP engines that are used to build these apps. We
I stopped blogging when I realized that the articles I put up here could be turned into papers and I could use that to speak at conferences [#travel-the-world #meet-people]. And therefore the frequency of my blogging came down. Anyway, this is a real incident that happened to me yesterday; not much technical content, but a good read if you're interested in physical security devices.
I was trapped between two RFID doors for 5 long hrs without my access cards yesterday and I finally broke
Here goes my second part, the HITB ventures; you could read the BlackHat diary from here.
I was in Europe twice this year: in March for BlackHat, presenting on IVR Security, and in May for HITB, presenting on "CXML VXML Auditing". So now, many months since these conferences ended, I finally got some time and have managed to write up my thoughts on them.
I was pretty caught up with a few office and personal matters, so I could not find time to blog on my BlackHat ventures.
I was in Europe twice this year: in March for BlackHat, presenting on IVR Security: Internal Network Attack via Phone Lines, and in May for HITB, presenting on "CXML VXML Auditing". Both the events were fun and I met a lot of hacker ninjas, and that
There was a good article released by Joni on the MS11-046 vulnerability, based on a malware sample he analysed.
So I thought of spending my Saturday night building an exploit for this.
Windows [not sure about Win 7] allows mapping of 0x00000000 in user space, and the Windows fix for this particular vulnerability [MS11-046] was adding a simple check for a NULL pointer in AFD.sys, which I find odd, so I assume on Win 7 it would
I am putting down demo videos along with a few important slides from my BlackHat 2012 presentation.
My presentations were in HTML5 and I am putting down the demo presentations here. I will upload the HTML5 presentation somewhere, or you could download them from
For a better understanding of these demos, go through the HTML5 slides.