Below you will find a DoS PoC for MS Excel 2010.
Found during some fuzzing exercises... ;)
You will also find a small description, directly from WinDbg:
Showing posts with label fuzzing. Show all posts
Sunday, 15 May 2016
Friday, 29 April 2016
Another DoS in MS Publisher 2010
During the last week I found a few more NULL ptrs in MS Office Publisher (2010 for Windows 7).
Saturday, 24 October 2015
[EN] SOAP testing
During one of my last projects I needed to test some web services.
I was wondering: if I can do it with Burp or by manual testing,
maybe I can also write some quick code in Python...
And that's how I wrote soapee.py:
Friday, 2 October 2015
My Java SIGSEGV's
During the last couple of days I was checking lcamtuf's American Fuzzy Lop against some ("non-instrumented") binaries.
I was looking for some sources, but unfortunately I wasn't able to find any. The next thing was checking where I have Java installed (so I would know what/where I could check). The kind of 'test lab' was: Ubuntu 12, Kali Linux, WinXP, Win7. (The exact versions of Java installed on those OSes you will find below.)
Monday, 25 May 2015
[EN] Browser exploitation during CybercomDev conference - Updated
During this weekend I gave my first formal security presentation at CybercomDev in Poland.
I was talking about use-after-free exploits, fuzzing and browser exploitation.
Thank you for watching and for your support ;)
* Currently this presentation is available only on demand.
* Update - 16.07.2015 *
Video (PL) is available here. Thanks, Kenis. ;)
See you next time! ;)
o/
Labels: art, browser exploitation, conference, exploit, fuzzing, Metasploit, RE, research
Tuesday, 24 February 2015
[EN] Fun with American Fu(n)zzy Lop
In the last few days I was doing a little research about 'how this crazy afl works'. ;)
"American Fuzzy Lop" is an excellent tool created by lcamtuf.
Now it's a good moment to check the documentation of 'afl' if you want
some nice details about using it.
Tuesday, 15 April 2014
[EN] Just allow popup
k@lab:~/public_html/js$ cat xxx.html
<!-- seems to be simple ;] -->
<!-- of course will work only with popup enabled -->
<script>
// Open the given URL in a new tab/window and give it focus
function NewTab(url){
    var hi=window.open(url, '_blank');
    hi.focus();
}
// Re-open the current page itself in a new tab
NewTab(window.location);
</script>
k@lab:~/public_html/js$
;]