content top

Heap Spraying – Active X Controls Under Attack

Heap Spraying – Active X Controls Under Attack

4Introduction   An ActiveX control is essentially a simple OLE object that supports the IUnknown interface. It was introduced in 1996 by Microsoft as a development of its Component Object Model (COM) and Object Linking and Embedding (OLE) technologies and is commonly used in its Windows Operating System.   ActiveX controls are highly portable COM objects, used extensively throughout Microsoft Windows platforms and, especially, in...

Read More

Shellcode Of Death

Shellcode Of Death

17Introduction   Recently, I had been working on a shellcode project that we named as “Shellcode Of Death“. “Shellcode of Death” is designed to run on Windows x86 platforms like Windows XP/Vista/7/8/Server 2003/2008.   What this shellcode does?     Well, this shellcode has been designed to format all the available drive on Windows. Weird? Huh!!! Yes, I know you may be thinking this is weird and...

Read More

Egg Hunter – Twist in Buffer Overflow – BisonWare FTP Server v3.5

Egg Hunter – Twist in Buffer Overflow – BisonWare FTP Server v3.5

4INTRODUCTION It’s time for breakfast and I prefer bread with omelet. Eggs are a fantastic source of energy for humans.:-) “Eggs” also plays an important role when it comes to complex exploit development. As we know, in stack-based buffer overflow, the memory is more or less static. That is, we have enough memory to insert our shellcode. When the “Egg hunter” shellcode is executed, it searches for the unique “tag” that was...

Read More
content top