28th June 2010
Usually when I analyze a protocol or a file-format I spend a few hours or days mapping out targets. The first step towards really understanding what you’re dealing with is to really get to know your target.
- Search for old vulnerabilities, find a common motive.
- Attempt to find signatures of third party libraries. If found, check if they are indeed the last version
- Map out the types of data that the application parses. (for example, on internet explorer you could attempt to attack jpg images, the java-script interpreter, and many other components that are being parsed by internet explorer or passed on to the operating system)