Category Archive for "Tal Zeltzer"

Fuzzing vs Reversing – Round #2 (Reversing)

muts

After a few days of fuzzing, I noticed that I covered a large part of the format (at least the part I found interesting) so I then began reverse engineering the format more thoroughly. I started by mapping out the…


Fuzzing vs Reversing – Round #1 (Fuzzing)

muts

I have recently been doing some fuzzing on the Adobe Flash Player. I started by implementing a simple format fuzzer for Flash based on a homegrown framework that I have been developing for a while. I implemented and executed tests and progressively…


Exploiting Internet Explorer 7 – Case Study

muts

In this post we are going to take a vulnerability in Internet Explorer 6/7 that was exploited in a relatively stable manner and attempt to add the DEP bypassing ability. The main exploit for this vulnerability has been implemented as…


Exploiting Internet Explorer 7 With Dot Net

muts

In this post we will demonstrate the method discussed by Mark Dowd and Alex Sotirov for bypassing DEP and ASLR on IE 6/7 running on a Windows Vista machine. This method is simple and useful. We will create a .NET…


Analyzing undocumented formats

muts

Usually when I analyze a protocol or a file-format I spend a few hours or days mapping out targets. The first step towards really understanding what you’re dealing with is to really get to know your target. Search for old…
