Exploiting MS Advisory 971778: QuickTime DirectShow

On May 28th, 2009, Microsoft released MS Security Advisory 971778, titled "Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution". This vulnerability should be considered high-risk as it allows for remote code execution through a browser using the Windows Media Player ActiveX control. In this blog post I provide a brief walkthrough of the details of this issue and touch upon how it can be exploited in a reliable fashion.

What's Worse Than Finding a Bug in Your Apple?

Finding multiple bugs! Seriously, though, our most recent Digital Vaccine, DV7721 ...

The iPhone 3.0 Conundrum

Some features generally need to be looked at by a pessimistic jerk. If nobody else will step up, I'll be that guy.

Authoring a Technical Book

In July of 2007, two former colleagues and I had our book "Fuzzing: Brute Force Vulnerability Discovery" published through Addison-Wesley. The book is under 600 pages and took well over a year to complete, during which the bulk of my free time and weekends were dedicated to completing the project. I learned a lot throughout the ordeal, especially with regard to the process of publishing. From conception to final press, here are some basic notes that should help reduce frustrations for anyone looking to author a technical book.

MindshaRE: Finding ActiveX Methods Dynamically

Today we step back into the world of COM/ActiveX to dynamically find object methods in a binary. This is probably the quickest way to identify the code handling the JavaScript/VBScript invocation of methods. This can then allow the researcher to audit the method for any potential vulnerabilities. MindshaRE is our monthly look at some simple reverse engineering tips and tricks. The goal is to keep things small and discuss everyday aspects of reversing. You can view previous entries here b ...