Presentations

Heap Feng Shui in JavaScript

This presentation introduces a new technique for precise manipulation of the browser heap layout using specific sequences of JavaScript allocations. We present a JavaScript library with functions for setting up the heap in a controlled state before triggering a heap corruption bug. This allows us to exploit very difficult heap corruption vulnerabilities with great reliability and precision.

Hotpatching and the Rise of Third-Party Patches

Hotpatching is a common technique for modifying the behavior of closed-source applications and operating systems. This presentation will focus on one particular application of hotpatching: the development of third-party security patches in the absence of source code or vendor support, as illustrated by Ilfak Guilfanov's unofficial fix for the WMF vulnerability in December of 2005.

Reverse Engineering Microsoft Binaries (updated for Recon 2006)

This presentation was updated with additional technical material for Recon 2006. The section on common features of Microsoft binaries was expanded and is now accompanied by an IDA database with examples. The description of the Determina PDB plugin was also updated to include the latest algorithm improvements in version 0.4.

Reverse Engineering Microsoft Binaries

Reverse engineering Microsoft software presents numerous challenges, including compiler optimizations, function chunking, C++ vtables, loading debugging symbols and more. Based on our experience with reversing most Microsoft patches from the last 6 months, we present a number of techniques for improving the accuracy of the disassembly output and automating the reverse engineering process.